What is CVE-2019-11275?

CVE-2019-11275 is a low-severity vulnerability in Pivotal Apps Manager, classified under Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection). CVSS score: 3.5/10. Published 2019-10-01.

How severe is CVE-2019-11275?

Low severity. CVSS v3 base score is 3.5 out of 10.

Vulnerability in Pivotal Apps Manager

CVE-2019-11275

Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versions 667.0.x prior to 667.0.22, versions 668.0.x prior to 668.0.21, versions 669.0.x prior to 669.0.13, and versions 670.0.x prior to 670.0.7, contain a vulnerability whe…

EPSS: 0.002 (42.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.5 (Low). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N.

Affected products

Pivotal Apps Manager — versions 670, 669, 668

Weakness classification (CWE)

CWE-74 — Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection)

References

pivotal.io/security/cve-2019-11275 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2019-11275?: CVE-2019-11275 is a low-severity vulnerability in Pivotal Apps Manager, classified under Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection). CVSS score: 3.5/10. Published 2019-10-01.
How severe is CVE-2019-11275?: Low severity. CVSS v3 base score is 3.5 out of 10.