CVE-2020-5414

App Autoscaler logs credentials

Severity Score: 5.7 (CVSS v3.1)
Exploit Likelihood (EPSS): -
Affected Versions (CPE): see the affected-products table below
Public Exploits: 0 (multiple sources)
Exploited in Wild (KEV): -
Decision (SSVC): -

Descriptions

VMware Tanzu Application Service for VMs (2.7.x versions prior to 2.7.19, 2.8.x versions prior to 2.8.13, and 2.9.x versions prior to 2.9.7) contains an App Autoscaler that logs the UAA admin password. This credential is redacted in VMware Tanzu Operations Manager; however, the unredacted logs are available to authenticated users of the BOSH Director. This credential would grant administrative privileges to a malicious user. The same versions of App Autoscaler also log the App Autoscaler Broker password. Prior to newer versions of Operations Manager, this credential was not redacted from logs. This credential allows a malicious user to create, delete, and modify App Autoscaler service instances. Operations Manager started redacting this credential from logs as of its versions 2.7.15, 2.8.6, and 2.9.1. Note that these logs are typically only visible to foundation administrators and operators.
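The version ranges and the two leaked credentials in the description above translate directly into checks an operator can run. The Python below is an added example written for this page, not code from VMware, the advisory, or the product: the function names, the KNOWN_SECRETS mapping and the SAMPLE_LOG lines are the example's own constructions, and the log format is illustrative rather than real App Autoscaler output. It encodes only the ranges the description states (TAS for VMs 2.7.x < 2.7.19, 2.8.x < 2.8.13, 2.9.x < 2.9.7; Operations Manager redaction from 2.7.15, 2.8.6, 2.9.1) and scans exported log text for literal occurrences of secrets the operator already knows, which is how you confirm exposure and scope a rotation.

```python
"""Added example for CVE-2020-5414 (not from VMware or the advisory).

1. is_autoscaler_affected(): does a TAS for VMs version still ship the
   App Autoscaler that logs the UAA admin and broker passwords?
2. ops_manager_redacts(): does an Operations Manager version already redact
   the App Autoscaler Broker password from the logs it displays?
3. find_unredacted_secrets(): scan exported log lines (e.g. BOSH job logs)
   for verbatim occurrences of secrets the operator knows, such as the UAA
   admin password taken from the foundation's credential store.
"""
from __future__ import annotations

import re
from typing import Dict, Iterable, List, Optional, Tuple

# Release line (major, minor) -> first patch version that fixes / redacts.
# Values come from the CVE description; other release lines are unknown here.
AUTOSCALER_FIXED = {(2, 7): (2, 7, 19), (2, 8): (2, 8, 13), (2, 9): (2, 9, 7)}
OPSMAN_REDACTS_FROM = {(2, 7): (2, 7, 15), (2, 8): (2, 8, 6), (2, 9): (2, 9, 1)}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'X.Y.Z'; any trailing suffix such as '-build.3' is ignored."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(g) for g in m.groups())
    return (major, minor, patch)


def _below_fix(version: str, fixes: Dict[Tuple[int, int], Tuple[int, int, int]]) -> Optional[bool]:
    """True if version is older than the fix for its release line, None if
    the release line is not named in the advisory text."""
    v = parse_version(version)
    fixed = fixes.get(v[:2])
    if fixed is None:
        return None
    return v < fixed


def is_autoscaler_affected(tas_version: str) -> Optional[bool]:
    """TAS for VMs releases whose App Autoscaler logs both passwords."""
    return _below_fix(tas_version, AUTOSCALER_FIXED)


def ops_manager_redacts(opsman_version: str) -> Optional[bool]:
    """Whether Operations Manager already redacts the broker password.
    Note this only covers what Ops Manager displays; logs reached through the
    BOSH Director are unredacted regardless, so the TAS upgrade and a
    credential rotation are still required."""
    below = _below_fix(opsman_version, OPSMAN_REDACTS_FROM)
    return None if below is None else not below


def find_unredacted_secrets(log_lines: Iterable[str], secrets: Dict[str, str]) -> List[Tuple[int, str]]:
    """Return (line_number, secret_name) for each line that contains a known
    secret value verbatim. Matching is literal, so pass the current real
    values; rotate them afterwards whether or not anything is found."""
    hits: List[Tuple[int, str]] = []
    for n, line in enumerate(log_lines, start=1):
        for name, value in secrets.items():
            if value and value in line:
                hits.append((n, name))
    return hits


# Constructed sample input (illustrative only, not real product output).
KNOWN_SECRETS = {
    "uaa_admin_password": "S3cr3t-Admin-Pw",
    "autoscaler_broker_password": "Br0ker-Pw-9",
}
SAMPLE_LOG = [
    "2020-07-01T10:00:00Z autoscale.api: connecting to UAA as admin password=S3cr3t-Admin-Pw",
    "2020-07-01T10:00:01Z autoscale.api: broker auth user=autoscaler password=<redacted>",
    "2020-07-01T10:00:02Z autoscale.broker: basic auth configured password=Br0ker-Pw-9",
]

if __name__ == "__main__":
    print("TAS 2.8.12 affected:", is_autoscaler_affected("2.8.12"))
    print("OpsMan 2.8.6 redacts broker pw:", ops_manager_redacts("2.8.6"))
    for line_no, name in find_unredacted_secrets(SAMPLE_LOG, KNOWN_SECRETS):
        print(f"line {line_no}: {name} appears unredacted")
```

Run it against a real export by reading the BOSH job log archive into find_unredacted_secrets() with the foundation's actual UAA admin and broker passwords; a hit means the credential must be rotated even after upgrading, since anyone who could read the Director's logs before the upgrade already has it.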

*Credits: N/A
CVSS Scores

CVSS v3.1 (base score 5.7): CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
  Attack Vector: Network
  Attack Complexity: Low
  Privileges Required: High
  User Interaction: Required
  Scope: Unchanged
  Confidentiality: Low
  Integrity: Low
  Availability: High

CVSS v2 (legacy vector): AV:N/AC:M/Au:S/C:P/I:P/A:P
  Attack Vector: Network
  Attack Complexity: Medium
  Authentication: Single
  Confidentiality: Partial
  Integrity: Partial
  Availability: Partial

* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2020-01-03 CVE Reserved
  • 2020-07-31 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-532: Insertion of Sensitive Information into Log File
CAPEC
References (1)
Affected Vendors, Products, and Versions

Vendor  Product                                         Version            Other  Status
Vmware  Tanzu Application Service For Virtual Machines  >= 2.7.0 < 2.7.19  -      Affected
Vmware  Tanzu Application Service For Virtual Machines  >= 2.8.0 < 2.8.13  -      Affected
Vmware  Tanzu Application Service For Virtual Machines  >= 2.9.0 < 2.9.7   -      Affected
Vmware  Operations Manager                              >= 2.7.0 < 2.7.15  -      Affected
Vmware  Operations Manager                              >= 2.8.0 < 2.8.6   -      Affected
Vmware  Operations Manager                              >= 2.9.0 < 2.9.1   -      Affected