// For flags

CVE-2019-3786

BBR could run arbitrary scripts on deployment VMs

Severity Score

7.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the authenticity of backup scripts in BOSH. A remote authenticated malicious user can modify the metadata file of a Bosh Backup and Restore job to request extra backup files from different jobs upon restore. The exploited hooks in this metadata script were only maintained in the cfcr-etcd-release, so clusters deployed with the BBR job for etcd in this release are vulnerable.

Cloud Foundry BOSH Backup y Restore CLI, todas las versiones anteriores a 1.5.0, no comprueba la identificacióbn de scripts backup en BOSH. Un usuario malicioso autorizado de manera remota puede modificar el archivo de metadatos de una tarea de backup y restauración de Bosh para requerir archivos de copia de seguridad adicionales de distintas tareas en la restauración. Los Hooks (ganchos) aprovechados en este script de metadatos solo se mantuvieron en la versión cfcr-etcd, por lo que los clusters implementados con el trabajo BBR para etcd en esta versión son vulnerables.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-01-03 CVE Reserved
  • 2019-04-24 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-269: Improper Privilege Management
  • CWE-345: Insufficient Verification of Data Authenticity
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://www.cloudfoundry.org/blog/cve-2019-3786 2020-10-16
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cloudfoundry
Search vendor "Cloudfoundry"
 Bosh Backup And Restore
Search vendor "Cloudfoundry" for product "Bosh Backup And Restore"
 < 1.5.0
Search vendor "Cloudfoundry" for product "Bosh Backup And Restore" and version " < 1.5.0"
-
Affected