Filtered by vendor Pivotal Software
Subscribe
Total
144 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-3793 | 1 Pivotal Software | 1 Application Service | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0.21, versions 667.0.x prior to 667.0.7, contain an invitation service that accepts HTTP. A remote unauthenticated user could listen to network traffic and gain access to the authorization credentials used to make the invitation requests. | |||||
| CVE-2019-3787 | 1 Pivotal Software | 1 Cloud Foundry Uaa-release | 2023-12-10 | 4.3 MEDIUM | 8.8 HIGH |
| Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending “unknown.org” to a user's email address when one is not provided and the user name does not contain an @ character. This domain is held by a private company, which leads to attack vectors including password recovery emails sent to a potentially fraudulent address. This would allow the attacker to gain complete control of the user's account. | |||||
| CVE-2019-11276 | 1 Pivotal Software | 1 Application Service | 2023-12-10 | 4.8 MEDIUM | 5.4 MEDIUM |
| Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. An adjacent unauthenticated user could eavesdrop on the network traffic and gain access to the unencrypted token allowing the attacker to read the type of access a user has over an app. They may also modify the logging level, potentially leading to lost information that would otherwise have been logged. | |||||
| CVE-2019-3777 | 1 Pivotal Software | 1 Application Service | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain apps manager that uses a cloud controller proxy that fails to verify SSL certs. A remote unauthenticated attacker that could hijack the Cloud Controller's DNS record could intercept access tokens sent to the Cloud Controller, giving the attacker access to the user's resources in the Cloud Controller | |||||
| CVE-2019-3790 | 1 Pivotal Software | 1 Operations Manager | 2023-12-10 | 5.5 MEDIUM | 5.4 MEDIUM |
| The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x versions prior to 2.4.11, and 2.5.x versions prior to 2.5.3, contain configuration that circumvents refresh token expiration. A remote authenticated user can gain access to a browser session that was supposed to have expired, and access Ops Manager resources. | |||||
| CVE-2019-3776 | 1 Pivotal Software | 1 Operations Manager | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with malicious content could execute arbitrary JavaScript in the user's browser. | |||||
| CVE-2019-3794 | 1 Pivotal Software | 1 Cloud Foundry Uaa | 2023-12-10 | 4.3 MEDIUM | 5.4 MEDIUM |
| Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME-OPTIONS header on various endpoints. A remote user can perform clickjacking attacks on UAA's frontend sites. | |||||
| CVE-2019-11268 | 1 Pivotal Software | 1 Cloud Foundry Uaa-release | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
| Cloud Foundry UAA version prior to 73.3.0, contain endpoints that contains improper escaping. An authenticated malicious user with basic read privileges for one identity zone can extend those reading privileges to all other identity zones and obtain private information on users, clients, and groups in all other identity zones. | |||||
| CVE-2019-3802 | 1 Pivotal Software | 1 Spring Data Java Persistance Api | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted example value is supplied. | |||||
| CVE-2019-3792 | 1 Pivotal Software | 1 Concourse | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Pivotal Concourse version 5.0.0, contains an API that is vulnerable to SQL injection. An Concourse resource can craft a version identifier that can carry a SQL injection payload to the Concourse server, allowing the attacker to read privileged data. | |||||
| CVE-2019-11270 | 1 Pivotal Software | 3 Application Service, Cloud Foundry Uaa, Operations Manager | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes that the creator does not possess. | |||||
| CVE-2019-3797 | 1 Pivotal Software | 1 Spring Data Java Persistence Api | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the predicates ‘startingWith’, ‘endingWith’ or ‘containing’ could return more results than anticipated when a maliciously crafted query parameter value is supplied. Also, LIKE expressions in manually defined queries could return unexpected results if the parameter values bound did not have escaped reserved characters properly. | |||||
| CVE-2019-11273 | 1 Pivotal Software | 1 Pivotal Container Service | 2023-12-10 | 4.0 MEDIUM | 4.3 MEDIUM |
| Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information. | |||||
| CVE-2018-15796 | 1 Pivotal Software | 1 Bits Service | 2023-12-10 | 5.5 MEDIUM | 8.1 HIGH |
| Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage. | |||||
| CVE-2018-15754 | 1 Pivotal Software | 1 Cloud Foundry Uaa-release | 2023-12-10 | 4.0 MEDIUM | 8.8 HIGH |
| Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In environments with multiple identity providers that contain accounts across identity providers with the same username, a remote authenticated user with access to one of these accounts may be able to obtain a token for an account of the same username in the other identity provider. | |||||
| CVE-2018-15795 | 1 Pivotal Software | 1 Credhub Service Broker | 2023-12-10 | 5.5 MEDIUM | 8.1 HIGH |
| Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service. | |||||
| CVE-2018-15798 | 1 Pivotal Software | 1 Concourse | 2023-12-10 | 5.8 MEDIUM | 5.4 MEDIUM |
| Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites. A remote unauthenticated attacker could convince a user to click on a link using the oAuth redirect link with an untrusted website and gain access to that user's access token in Concourse. | |||||
| CVE-2018-15758 | 1 Pivotal Software | 1 Spring Security Oauth | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
| Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to 2.2.3, and 2.1 prior to 2.1.3, and 2.0 prior to 2.0.16, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can craft a request to the approval endpoint that can modify the previously saved authorization request and lead to a privilege escalation on the subsequent approval. This scenario can happen if the application is configured to use a custom approval endpoint that declares AuthorizationRequest as a controller method argument. This vulnerability exposes applications that meet all of the following requirements: Act in the role of an Authorization Server (e.g. @EnableAuthorizationServer) and use a custom Approval Endpoint that declares AuthorizationRequest as a controller method argument. This vulnerability does not expose applications that: Act in the role of an Authorization Server and use the default Approval Endpoint, act in the role of a Resource Server only (e.g. @EnableResourceServer), act in the role of a Client only (e.g. @EnableOAuthClient). | |||||
| CVE-2018-11044 | 1 Pivotal Software | 1 Pivotal Application Service | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x prior to 2.2.1 and 2.1.x prior to 2.1.8 and 2.0.x prior to 2.0.17 and 1.12.x prior to 1.12.26, does not escape all user-provided content when sending invitation emails. A malicious authenticated user can inject content into an invite to another user, exploiting the trust implied by the source of the email. | |||||
| CVE-2018-1279 | 1 Pivotal Software | 1 Rabbitmq | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
| Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports on any server in the MQ cluster can use this cookie to gain full control over the entire cluster. | |||||