An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3 and all 260.x versions. In certain cases an authenticated Director user can provide a malicious checksum that could allow them to escalate their privileges on the Director VM, aka BOSH Director Shell Injection Vulnerabilities.
Weakness
The product does not validate or incorrectly validates the integrity check values or “checksums” of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Bosh | Cloud_foundry | 260 (including) | 260 (including) |
| Bosh | Cloud_foundry | 260.1 (including) | 260.1 (including) |
| Bosh | Cloud_foundry | 260.2 (including) | 260.2 (including) |
| Bosh | Cloud_foundry | 260.3 (including) | 260.3 (including) |
| Bosh | Cloud_foundry | 260.4 (including) | 260.4 (including) |
| Bosh | Cloud_foundry | 260.5 (including) | 260.5 (including) |
| Bosh | Cloud_foundry | 260.6 (including) | 260.6 (including) |
| Bosh | Cloud_foundry | 260.7 (including) | 260.7 (including) |
| Bosh | Cloud_foundry | 261 (including) | 261 (including) |
| Bosh | Cloud_foundry | 261.1 (including) | 261.1 (including) |
| Bosh | Cloud_foundry | 261.2 (including) | 261.2 (including) |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/145.html
- https://cwe.mitre.org/data/definitions/463.html
- https://cwe.mitre.org/data/definitions/75.html