CVE-2017-4961 - Improper Validation of Integrity Check Value

Severity

65%

Complexity

80%

Confidentiality

106%

An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions. In certain cases an authenticated Director user can provide a malicious checksum that could allow them to escalate their privileges on the Director VM, aka "BOSH Director Shell Injection Vulnerabilities."

CVSS 3.0 Base Score 8.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P).

Demo Examples

Improper Validation of Integrity Check Value

CWE-354

The following example demonstrates the weakness.


               
}
if (inet_ntoa(cli.sin_addr)==...) n = recvfrom(sd, msg, MAX_MSG, 0, (struct sockaddr *) & cli, &clilen);

               
}
socket.send(sendPacket);

Overview

Type

Cloud Foundry Bosh

First reported 7 years ago

2017-06-13 06:29:00

Last updated 5 years ago

2019-10-03 00:03:00

Affected Software

Cloud Foundry Bosh 260
Cloud Foundry Bosh 260.1
Cloud Foundry Bosh 260.2
Cloud Foundry Bosh 260.3
Cloud Foundry Bosh 260.4
Cloud Foundry Bosh 260.5
Cloud Foundry Bosh 260.6
Cloud Foundry Bosh 261
Cloud Foundry Bosh 261.1
Cloud Foundry Bosh 261.2
