CVE-2020-5416

Cloud Foundry Routing (Gorouter), versions prior to 0.204.0, when used in a deployment with NGINX reverse proxies in front of the Gorouters, is potentially vulnerable to denial-of-service attacks in which an unauthenticated malicious attacker can send specially-crafted HTTP requests that may cause the Gorouters to be dropped from the NGINX backend pool.

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://www.cloudfoundry.org/blog/cve-2020-5416	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cloudfoundry:cf-deployment::::::::
	cpe:2.3:a:cloudfoundry:routing-release::::::::

History

No history.

Information

Published : 2020-08-21 22:15

Updated : 2021-06-07 17:41

NVD link : CVE-2020-5416

Mitre link : CVE-2020-5416

CVE.ORG link : CVE-2020-5416

JSON object : View

Products Affected

cloudfoundry

cf-deployment
routing-release

CWE

CWE-404

Improper Resource Shutdown or Release

{"id": "CVE-2020-5416", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "security@pivotal.io", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 7.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.1}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2020-08-21T22:15:12.527", "references": [{"url": "https://www.cloudfoundry.org/blog/cve-2020-5416", "tags": ["Vendor Advisory"], "source": "security@pivotal.io"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-404"}]}, {"type": "Secondary", "source": "security@pivotal.io", "description": [{"lang": "en", "value": "CWE-404"}]}], "descriptions": [{"lang": "en", "value": "Cloud Foundry Routing (Gorouter), versions prior to 0.204.0, when used in a deployment with NGINX reverse proxies in front of the Gorouters, is potentially vulnerable to denial-of-service attacks in which an unauthenticated malicious attacker can send specially-crafted HTTP requests that may cause the Gorouters to be dropped from the NGINX backend pool."}, {"lang": "es", "value": "Cloud Foundry Routing (Gorouter), versiones anteriores a 0.204.0, cuando es usado en una implementaci\u00f3n con proxys inversos NGINX frente a los Gorouters, es potencialmente vulnerable a ataques de denegaci\u00f3n de servicio en los que un atacante malicioso no autenticado puede enviar peticiones HTTP especialmente dise\u00f1adas que pueden causar que los Gorouters sean eliminados del grupo de backend de NGINX."}], "lastModified": "2021-06-07T17:41:04.280", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAA9939F-B430-45EB-8B6A-E37E56D4258B", "versionEndExcluding": "13.13.0"}, {"criteria": "cpe:2.3:a:cloudfoundry:routing-release:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86F6E764-7191-4EDB-AC4A-E606961F8542", "versionEndExcluding": "0.204.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@pivotal.io"}