Pivotal_software Operations_manager
10 CVEs affecting Pivotal_software Operations_manager. Latest disclosed: 2020-01-09. Critical: 3, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-0897 | Critical | 9.8 | 2016-09-18 | Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators… |
CVE-2016-0883 | Critical | 9.8 | 2016-09-18 | Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption key across different customers' installations, whi… |
CVE-2018-15762 | Critical | 9.0 | 2018-11-02 | Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, g… |
CVE-2018-11081 | High | 7.9 | 2018-10-05 | Pivotal Operations Manager, versions 2.2.x prior to 2.2.1, 2.1.x prior to 2.1.11, 2.0.x prior to 2.0.16, and 1.11.x prior to 2, fails to write the Operations M… |
CVE-2019-11270 | High | 7.5 | 2019-08-05 | Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the r… |
CVE-2019-3776 | High | 7.2 | 2019-03-07 | Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, cont… |
CVE-2019-11292 | Medium | 6.5 | 2020-01-09 | Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2.5.24, 2.6.x prior to 2.6.16, and 2.7.x prior to 2.7.5, logs all query parameters to tomca… |
CVE-2018-11046 | Medium | 6.5 | 2018-06-25 | Pivotal Operations Manager, versions 2.1.x prior to 2.1.6 and version 2.0.14, includes NGINX packages that lacks security vulnerability patches. An attacker wi… |
CVE-2019-3790 | Medium | 6.1 | 2019-06-06 | The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x versions prior to 2.4.11, and 2.5.x versions prior to 2.5.3, con… |
CVE-2018-11045 | Medium | 5.9 | 2018-07-11 | Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to 1.12.22, contains a static Linux Random Number Generator (LRN… |