CVE-2019-3800 (application_analytics, application_monitoring, application_performance_monitoring, application_service, azure_log_analytics_nozzle, azure_service_broker, businessworks_buildpack, cloud_foundry_autoscaling_release, cloud_foundry_command_line_interface, cloud_foundry_command_line_interface_release, cloud_foundry_deployment, cloud_foundry_deployment_concourse_tasks, cloud_foundry_event_alerts, cloud_foundry_healthwatch, cloud_foundry_log_cache_release, cloud_foundry_networking_release, cloud_foundry_notifications, cloud_foundry_routing_release, cloud_foundry_smoke_test, conjur_service_broker, credhub_service_broker_for_pcf, db_enterprise, dotnet_extension_buildpack, edge_service_broker, elasticsearch, enterprise_service_broker, google_cloud_platform_service_broker, logme, metric_registrar_release, mongodb, mysql, nozzle, on_demand_service_broker, pivotal_cloud_foundry_service_broker, platform_montioring, postgresql, pubsub+, rabbitmq, redis, seeker_iast_service_broker, service_broker, single_sign-on, steelcentral_appinternals, volume_service, wavefront_by_vmware_nozzle, websphere_liberty_)

CF CLI versions prior to v6.45.0 (bosh release version 1.16.0) write the client id and secret to the CLI's config file when the user authenticates with the --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials.
