Vulnerability Name: | CVE-2018-1267 (CCN-141133)
Assigned: | 2017-12-06
Published: | 2018-03-26
Updated: | 2021-09-09
Summary: | Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability. If the platform is configured with an application security group (ASG) that overlaps with the Silk overlay network, any applications can reach any other application on the network regardless of the configured routing policies.
CVSS v3 Severity: | 8.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
 | 7.1 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
 | 6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
CVSS v2 Severity: | 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Vulnerability Type: | CWE-732
Vulnerability Consequences: | Gain Access
References: | Source: MITRE Type: CNA CVE-2018-1267
 | Source: XF Type: UNKNOWN cloudfoundry-cve20181267-weak-security(141133)
 | Source: CCN Type: Cloud Foundry Web site Cloud Application Platform - Devops Platform
 | Source: CCN Type: Cloud Foundry Blog, March 26, 2018 CVE-2018-1267: Silk permits routing to all applications if ASG overlaps with overlay network
 | Source: CONFIRM Type: Third Party Advisory https://www.cloudfoundry.org/blog/cve-2018-1267/
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable