CVE-2017-4961 - OpenCVE

An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions. In certain cases an authenticated Director user can provide a malicious checksum that could allow them to escalate their privileges on the Director VM, aka "BOSH Director Shell Injection Vulnerabilities."

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Cloud Foundry	Bosh

Configuration 1 [-]

OR	cpe:2.3:a:cloud_foundry:bosh:260:::::::*
	cpe:2.3:a:cloud_foundry:bosh:260.1:::::::*
	cpe:2.3:a:cloud_foundry:bosh:260.2:::::::*
	cpe:2.3:a:cloud_foundry:bosh:260.3:::::::*
	cpe:2.3:a:cloud_foundry:bosh:260.4:::::::*
	cpe:2.3:a:cloud_foundry:bosh:260.5:::::::*
	cpe:2.3:a:cloud_foundry:bosh:260.6:::::::*
	cpe:2.3:a:cloud_foundry:bosh:260.7:::::::*
	cpe:2.3:a:cloud_foundry:bosh:261:::::::*
	cpe:2.3:a:cloud_foundry:bosh:261.1:::::::*
	cpe:2.3:a:cloud_foundry:bosh:261.2:::::::*

References

Link	Resource
https://www.cloudfoundry.org/cve-2017-4961/	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: dell

Published: 2017-06-13T06:00:00

Updated: 2017-06-13T05:57:01

Reserved: 2016-12-29T00:00:00

Link: CVE-2017-4961

JSON object: View

NVD Information

Status : Analyzed

Published: 2017-06-13T06:29:00.393

Modified: 2019-10-03T00:03:26.223

Link: CVE-2017-4961

JSON object: View

Redhat Information

No data.

CWE

CWE-354

{"containers": {"cna": {"affected": [{"product": "Cloud Foundry Foundation BOSH Release", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cloud Foundry Foundation BOSH Release"}]}], "datePublic": "2017-06-12T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions. In certain cases an authenticated Director user can provide a malicious checksum that could allow them to escalate their privileges on the Director VM, aka \"BOSH Director Shell Injection Vulnerabilities.\""}], "problemTypes": [{"descriptions": [{"description": "BOSH Director Shell Injection Vulnerabilities", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-06-13T05:57:01", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.cloudfoundry.org/cve-2017-4961/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security_alert@emc.com", "ID": "CVE-2017-4961", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cloud Foundry Foundation BOSH Release", "version": {"version_data": [{"version_value": "Cloud Foundry Foundation BOSH Release"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions. In certain cases an authenticated Director user can provide a malicious checksum that could allow them to escalate their privileges on the Director VM, aka \"BOSH Director Shell Injection Vulnerabilities.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "BOSH Director Shell Injection Vulnerabilities"}]}]}, "references": {"reference_data": [{"name": "https://www.cloudfoundry.org/cve-2017-4961/", "refsource": "CONFIRM", "url": "https://www.cloudfoundry.org/cve-2017-4961/"}]}}}}, "cveMetadata": {"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2017-4961", "datePublished": "2017-06-13T06:00:00", "dateReserved": "2016-12-29T00:00:00", "dateUpdated": "2017-06-13T05:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cloud_foundry:bosh:260:*:*:*:*:*:*:*", "matchCriteriaId": "B8F3F33E-AEE9-4D6B-96F8-908AECBCE525", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloud_foundry:bosh:260.1:*:*:*:*:*:*:*", "matchCriteriaId": "BF5D0352-286C-4F64-9147-DEBE00F8B00D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloud_foundry:bosh:260.2:*:*:*:*:*:*:*", "matchCriteriaId": "44842718-23C0-462F-AEA0-0A1112BBF3B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloud_foundry:bosh:260.3:*:*:*:*:*:*:*", "matchCriteriaId": "3D81B883-92C1-40C5-A791-03243CA6A463", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloud_foundry:bosh:260.4:*:*:*:*:*:*:*", "matchCriteriaId": "2D755675-393A-440C-8333-E53CEE9CCB49", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloud_foundry:bosh:260.5:*:*:*:*:*:*:*", "matchCriteriaId": "99AD3D75-6439-43CC-89CE-BA94BB8617A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloud_foundry:bosh:260.6:*:*:*:*:*:*:*", "matchCriteriaId": "075C80C7-CF9E-4D0B-8A8F-009DAC9FF84D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloud_foundry:bosh:260.7:*:*:*:*:*:*:*", "matchCriteriaId": "5126E768-3CF2-4E88-AC18-23BAD27EDDAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloud_foundry:bosh:261:*:*:*:*:*:*:*", "matchCriteriaId": "A8AC8AC7-38F4-4106-8805-8F805C257A58", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloud_foundry:bosh:261.1:*:*:*:*:*:*:*", "matchCriteriaId": "F460F5ED-2FB6-49B7-9E9F-326388E713C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cloud_foundry:bosh:261.2:*:*:*:*:*:*:*", "matchCriteriaId": "0D858418-DCD2-4463-9330-C9A6C3E99237", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions. In certain cases an authenticated Director user can provide a malicious checksum that could allow them to escalate their privileges on the Director VM, aka \"BOSH Director Shell Injection Vulnerabilities.\""}, {"lang": "es", "value": "Se detect\u00f3 un problema en las versiones de BOSH versi\u00f3n 261.x anteriores a 261.3 y en todas las versiones de 260.x de Cloud Foundry Foundation. En ciertos casos, un usuario Director identificado puede proporcionar una suma de comprobaciones maliciosa que podr\u00eda permitirles escalar sus privilegios en la M\u00e1quina Virtual Director, tambi\u00e9n se conoce como \"BOSH Director Shell Injection Vulnerabilities"}], "id": "CVE-2017-4961", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-06-13T06:29:00.393", "references": [{"source": "security_alert@emc.com", "tags": ["Vendor Advisory"], "url": "https://www.cloudfoundry.org/cve-2017-4961/"}], "sourceIdentifier": "security_alert@emc.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-354"}], "source": "nvd@nist.gov", "type": "Primary"}]}