cnvd - cnvd-2017-09726

cnvd-2017-09726

Vulnerability from cnvd

Title: BOSH Director VM代理匿名端点漏洞

Description:

BOSH是一个针对大规模分布系统的部署和生命周期管理的开源工具，Director VM是其中的一个虚拟机，stemcell是其中的一个镜像。

使用stemcell 3232.6之前的版本和3146.13之前的版本的BOSH Director VM中的Agent的endpoint存在安全漏洞。攻击者可借助与现存GUID相匹配的URL利用该漏洞读取或写入blobs，或实施拒绝服务攻击。

Severity: 中

Patch Name: BOSH Director VM代理匿名端点漏洞的补丁

Patch Description:

BOSH是一个针对大规模分布系统的部署和生命周期管理的开源工具，Director VM是其中的一个虚拟机，stemcell是其中的一个镜像。

使用stemcell 3232.6之前的版本和3146.13之前的版本的BOSH Director VM中的Agent的endpoint存在安全漏洞。攻击者可借助与现存GUID相匹配的URL利用该漏洞读取或写入blobs，或实施拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： http://bosh.io

Reference: https://pivotal.io/security/cve-2016-4435

Impacted products

Name
['Cloud Foundry Foundation bosh stemcell <=3232.6', 'Cloud Foundry Foundation bosh stemcell 3146.13']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-4435"
    }
  },
  "description": "BOSH\u662f\u4e00\u4e2a\u9488\u5bf9\u5927\u89c4\u6a21\u5206\u5e03\u7cfb\u7edf\u7684\u90e8\u7f72\u548c\u751f\u547d\u5468\u671f\u7ba1\u7406\u7684\u5f00\u6e90\u5de5\u5177\uff0cDirector VM\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u865a\u62df\u673a\uff0cstemcell\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u955c\u50cf\u3002\r\n\r\n\u4f7f\u7528stemcell 3232.6\u4e4b\u524d\u7684\u7248\u672c\u548c3146.13\u4e4b\u524d\u7684\u7248\u672c\u7684BOSH Director VM\u4e2d\u7684Agent\u7684endpoint\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u4e0e\u73b0\u5b58GUID\u76f8\u5339\u914d\u7684URL\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u6216\u5199\u5165blobs\uff0c\u6216\u5b9e\u65bd\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Cloud Foundry Foundation",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://bosh.io",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-09726",
  "openTime": "2017-06-15",
  "patchDescription": "BOSH\u662f\u4e00\u4e2a\u9488\u5bf9\u5927\u89c4\u6a21\u5206\u5e03\u7cfb\u7edf\u7684\u90e8\u7f72\u548c\u751f\u547d\u5468\u671f\u7ba1\u7406\u7684\u5f00\u6e90\u5de5\u5177\uff0cDirector VM\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u865a\u62df\u673a\uff0cstemcell\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u955c\u50cf\u3002\r\n\r\n\u4f7f\u7528stemcell 3232.6\u4e4b\u524d\u7684\u7248\u672c\u548c3146.13\u4e4b\u524d\u7684\u7248\u672c\u7684BOSH Director VM\u4e2d\u7684Agent\u7684endpoint\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u4e0e\u73b0\u5b58GUID\u76f8\u5339\u914d\u7684URL\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u6216\u5199\u5165blobs\uff0c\u6216\u5b9e\u65bd\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "BOSH Director VM\u4ee3\u7406\u533f\u540d\u7aef\u70b9\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cloud Foundry Foundation bosh stemcell \u003c=3232.6",
      "Cloud Foundry Foundation bosh stemcell  3146.13"
    ]
  },
  "referenceLink": "https://pivotal.io/security/cve-2016-4435",
  "serverity": "\u4e2d",
  "submitTime": "2017-05-27",
  "title": "BOSH Director VM\u4ee3\u7406\u533f\u540d\u7aef\u70b9\u6f0f\u6d1e"
}

CVE-2016-4435 (GCVE-0-2016-4435)

Vulnerability from cvelistv5

Published

2017-05-25 17:00

Modified

2024-08-06 00:32

Severity ?

CWE

Summary

An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID.

References

▼	URL	Tags
	https://pivotal.io/security/cve-2016-4435	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Pivotal	Cloud Foundry	Version: BOSH stemcell versions prior to 3232.6 and 3146.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:32:24.614Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://pivotal.io/security/cve-2016-4435"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cloud Foundry",
          "vendor": "Pivotal",
          "versions": [
            {
              "status": "affected",
              "version": "BOSH stemcell versions prior to 3232.6 and 3146.13"
            }
          ]
        }
      ],
      "datePublic": "2016-06-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-05-25T16:57:01",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://pivotal.io/security/cve-2016-4435"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security_alert@emc.com",
          "ID": "CVE-2016-4435",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cloud Foundry",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "BOSH stemcell versions prior to 3232.6 and 3146.13"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Pivotal"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://pivotal.io/security/cve-2016-4435",
              "refsource": "CONFIRM",
              "url": "https://pivotal.io/security/cve-2016-4435"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2016-4435",
    "datePublished": "2017-05-25T17:00:00",
    "dateReserved": "2016-05-02T00:00:00",
    "dateUpdated": "2024-08-06T00:32:24.614Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted