CVE-2016-0732 Privilege Escalation


Severity

Critical

Vendor

Cloud Foundry Foundation

Versions Affected
  • Cloud Foundry v208 through v229
  • UAA v2.0.0 - v2.7.3 & v3.0.0
  • UAA-Release v2 through v4
Description

A privilege elevation vulnerability has been identified with the identity zones feature of UAA. Users with the appropriate permissions in one zone can perform unauthorized operations on a different zone. Only instances of UAA configured with multiple identity zones are vulnerable, which is a feature used by the Pivotal Single Sign On Service.

Affected Pivotal Products and Versions
  • Pivotal Cloud Foundry Elastic Runtime 1.6.0 through 1.6.13
Mitigation

Pivotal customers should follow the mitigation below:

  • Upgrade to Elastic Runtime 1.6.14 and later if currently running on a 1.6.x version of Elastic Runtime

OSS users are strongly encouraged to follow one of the mitigations below:

  • Upgrade to Cloud Foundry v230 [1] or later
  • For standalone UAA users
    • For users using UAA Version 3.0.0, please upgrade to UAA Release to v3.0.1 [3] or later
    • For users using standalone UAA Version 2.X.X, please upgrade to UAA Release to v2.7.4 [2] or v3.0.1 [3]
    • For users using UAA-Release (UAA bosh release), please upgrade to UAA-Release v5 [4]
Credit

Discovered by the GE Digital Security Team

References
History

2016-Feb-2: Initial vulnerability report published