CVE-2019-11290 : What You Need to Know
Discover the impact of CVE-2019-11290 where Cloud Foundry UAA Release logs query parameters in tomcat's access file, potentially exposing sensitive data. Learn about the vulnerability, affected systems, and mitigation steps.
Cloud Foundry UAA logs query parameters in tomcat access file.
Understanding CVE-2019-11290
Cloud Foundry UAA Release, prior to version v74.8.0, records all query parameters in tomcat's access file. In case the query parameters are utilized for authentication, such as credentials, they will also be included in the logs.
What is CVE-2019-11290?
- Vulnerability in Cloud Foundry UAA Release logging query parameters in tomcat's access file
- Query parameters used for authentication, including sensitive data, are logged
The Impact of CVE-2019-11290
- CVSS Score: 8.8 (High)
- Severity: High
- Attack Vector: Network
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Technical Details of CVE-2019-11290
Cloud Foundry UAA Release vulnerability details
Vulnerability Description
- UAA Release logs all query parameters in tomcat's access file
- Sensitive information like credentials may be exposed in the logs
Affected Systems and Versions
- Affected Product: UAA Release
- Vendor: Cloud Foundry
- Affected Versions: All versions prior to v74.8.0
Exploitation Mechanism
- Attack Complexity: Low
- Privileges Required: Low
- Scope: Unchanged
- No user interaction required
Mitigation and Prevention
Steps to address and prevent CVE-2019-11290
Immediate Steps to Take
- Update UAA Release to version v74.8.0 or higher
- Monitor and restrict access to log files
Long-Term Security Practices
- Regularly review and audit log files for sensitive information
- Implement secure logging practices to avoid exposure of credentials
Patching and Updates
- Apply patches and updates provided by Cloud Foundry