Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1276 | 1 Pivotal Software | 1 Windows Stemcells | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows 2012R2 stemcells, versions prior to 1200.17, contain an information exposure vulnerability on vSphere. A remote user with the ability to push apps can execute crafted commands to read the IaaS metadata from the VM, which may contain BOSH credentials. | |||||
| CVE-2018-1197 | 1 Pivotal Software | 1 Windows Stemcells | 2023-12-10 | 6.0 MEDIUM | 8.5 HIGH |
| In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials. | |||||