User Account And Authentication
CVE-2019-11278
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with 'client.write' and 'groups.update' can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have.
AnalysisAI
CF UAA versions prior to 74.1.0, allow external input to be directly queried against. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Command Injection (CWE-77), which allows attackers to inject arbitrary commands into system command execution. CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote malicious user with 'client.write' and 'groups.update' can craft a SCIM query, which leaks information that allows an escalation of privileges, ultimately allowing the malicious user to gain control of UAA scopes they should not have. Affected products include: Cloudfoundry User Account And Authentication. Version information: prior to 74.1.0.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized APIs, avoid shell execution, validate input with strict allowlists.
The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and 3.0.0; UAA-Release 2 th
In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being
In UAA versions prior to 75.3.0, sensitive information like relaying secret of the provider was revealed in response whe
Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. Rated high seve
Cloud Foundry UAA Release, versions prior to v74.10.0, when set to logging level DEBUG, logs client_secret credentials w
UAA server versions prior to 75.4.0 are vulnerable to an open redirect vulnerability. Rated medium severity (CVSS 6.1),
Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS attack. Rated medium severity (CVSS 6.1), this vuln
This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an e
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today