Show vulnerabilities with patch / with exploit

Multiple vulnerabilities in Pivotal VMware Harbor Container Registry for Pivotal Platform



Published: 2020-03-25
Severity High
Patch available YES
Number of vulnerabilities 4
CVE ID CVE-2019-19029
CVE-2019-19026
CVE-2019-19023
CVE-2019-19025
CWE ID CWE-89
CWE-264
CWE-352
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
VMware Harbor Container Registry for PCF
Server applications / Virtualization software

Vendor Pivotal

Security Advisory

1) SQL injection

Severity: Medium

CVSSv3: 6.3 [CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2019-19029

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote administrator can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

VMware Harbor Container Registry for PCF: -

CPE External links

https://github.com/goharbor/harbor/security/advisories
https://github.com/goharbor/harbor/security/advisories/GHSA-qcfv-8v29-469w
https://tanzu.vmware.com/security/cve-2019-19029

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) SQL injection

Severity: Medium

CVSSv3: 4.3 [CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2019-19026

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data in project quotas. A remote administrator can send a specially crafted request to the affected application and gain access to sensitive information from the database. 

Successful exploitation of this vulnerability may allow a remote attacker to read data in database.

Mitigation

Install update from vendor's website.

Vulnerable software versions

VMware Harbor Container Registry for PCF: -

CPE External links

https://github.com/goharbor/harbor/security/advisories
https://github.com/goharbor/harbor/security/advisories/GHSA-rh89-vvrg-fg64
https://tanzu.vmware.com/security/cve-2019-19026

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Permissions, Privileges, and Access Controls

Severity: High

CVSSv3: 7.7 [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2019-19023

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the Harbor API does not enforce the proper permissions and scope on the API request to modify the email address. A remote authenticated attacker can make an API call to modify the email address of a specific user, reset the password for that email address and gain access to that account.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

VMware Harbor Container Registry for PCF: -

CPE External links

https://github.com/goharbor/harbor/security/advisories
https://tanzu.vmware.com/security/cve-2019-19023

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Cross-site request forgery

Severity: Low

CVSSv3: 5.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2019-19025

CWE-ID: CWE-352 - Cross-Site Request Forgery (CSRF)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform cross-site request forgery attacks.

The vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.

Mitigation

Install update from vendor's website.

Vulnerable software versions

VMware Harbor Container Registry for PCF: -

CPE External links

https://github.com/goharbor/harbor/security/advisories
https://github.com/goharbor/harbor/security/advisories/GHSA-gcqm-v682-ccw6
https://tanzu.vmware.com/security/cve-2019-19025

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.