BBR could run arbitrary scripts on deployment VMs
CVE-2019-3786

7.7HIGH

Key Information:

Vendor: Cloud Foundry
Status: Bosh Backup And Restore
Vendor: CVE Published:; 24 April 2019

🔔 Create Cloud Foundry Vulnerability Alert

What is CVE-2019-3786?

Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the authenticity of backup scripts in BOSH. A remote authenticated malicious user can modify the metadata file of a Bosh Backup and Restore job to request extra backup files from different jobs upon restore. The exploited hooks in this metadata script were only maintained in the cfcr-etcd-release, so clusters deployed with the BBR job for etcd in this release are vulnerable.

Affected Version(s)

BOSH Backup and Restore All

References

https://www.cloudfoundry.org/blog/cve-2019-3786

x_refsource_CONFIRM

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

CVSS V3.0

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 24, 2019
Vulnerability Reserved
Jan 3, 2019

CVE-2019-3786 Data

JSON