CVE-2018-11083 HIGH

CVE-2018-11083: Bosh accepts refresh tokens in place of an access token

Vendor Cloud Foundry
Product BOSH
Published October 5, 2018
Last update August 5, 2024

CVSS base score

8.4/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be as access tokens when using UAA for authentication. A remote attacker with an admin refresh token given by UAA can be used to access BOSH resources without obtaining an access token, even if their user no longer has access to those resources.

Key dates

02Disclosure timeline

October 5, 2018 CVE published
August 5, 2024 Record updated