Filtered by vendor Pivotal Software
Subscribe
Total
144 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1264 | 1 Pivotal Software | 1 Cloud Foundry Log Cache | 2024-11-21 | 5.0 MEDIUM | 9.1 CRITICAL |
| Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part of its envstruct report. A remote attacker who has gained access to the Log Cache VM can read this secret, gaining all privileges held by the Log Cache UAA client. In the worst case, if this client is an admin, the attacker would gain complete control over the Foundation. | |||||
| CVE-2018-1262 | 2 Cloudfoundry, Pivotal Software | 3 Cf-deployment, Cloud Foundry Uaa, Cloud Foundry Uaa-release | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, granting up to admin privileges in the impersonated zone for clients performing offline token validation. | |||||
| CVE-2018-1260 | 1 Pivotal Software | 1 Spring Security Oauth | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. A malicious user or attacker can craft an authorization request to the authorization endpoint that can lead to remote code execution when the resource owner is forwarded to the approval endpoint. | |||||
| CVE-2018-1259 | 2 Pivotal Software, Xmlbeam | 3 Spring Data Commons, Spring Data Rest, Xmlbeam | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library XMLBeam does not restrict external reference expansion. An unauthenticated remote malicious user can supply specially crafted request parameters against Spring Data's projection-based request payload binding to access arbitrary files on the system. | |||||
| CVE-2018-1258 | 5 Netapp, Oracle, Pivotal Software and 2 more | 42 Oncommand Insight, Oncommand Unified Manager, Oncommand Workflow Automation and 39 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted. | |||||
| CVE-2018-1231 | 1 Pivotal Software | 1 Bosh Cli | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH. | |||||
| CVE-2018-1230 | 1 Pivotal Software | 1 Spring Batch Admin | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life. | |||||
| CVE-2018-1229 | 1 Pivotal Software | 1 Spring Batch Admin | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life. | |||||
| CVE-2018-1227 | 1 Pivotal Software | 1 Concourse | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Pivotal Concourse after 2018-03-05 might allow remote attackers to have an unspecified impact, if a customer obtained the Concourse software from a DNS domain that is no longer controlled by Pivotal. The original domain for the Concourse CI (concourse-dot-ci) open source project has been registered by an unknown actor, and is therefore no longer the official website for Concourse CI. The new official domain is concourse-ci.org. At approximately 4 am EDT on March 7, 2018 the Concourse OSS team began receiving reports that the Concourse domain was not responding. The Concourse OSS team discovered, upon investigation with both the original and the new domain registrars, that the originating domain registrar had made the domain available for purchase. This was done despite the domain being renewed by the Concourse OSS team through August 2018. For a customer to be affected, they would have needed to access a download from a "concourse-dot-ci" domain web site after March 6, 2018 18:00:00 EST. Accessing that domain is NOT recommended by Pivotal. Anyone who had been using that domain should immediately begin using the concourse-ci.org domain instead. Customers can also safely access Concourse software from the traditionally available locations on the Pivotal Network or GitHub. | |||||
| CVE-2018-1200 | 1 Pivotal Software | 1 Pivotal Application Service | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Apps Manager for PCF (Pivotal Application Service 1.11.x before 1.11.26, 1.12.x before 1.12.14, and 2.0.x before 2.0.5) allows unprivileged remote file read in its container via specially-crafted links. | |||||
| CVE-2018-1198 | 1 Pivotal Software | 1 Pivotal Cloud Cache | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser password in plain text during BOSH deployment logs. A malicious user with access to the logs could escalate their privileges using this password. | |||||
| CVE-2018-1197 | 1 Pivotal Software | 1 Windows Stemcells | 2024-11-21 | 6.0 MEDIUM | 8.5 HIGH |
| In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials. | |||||
| CVE-2018-1192 | 1 Pivotal Software | 4 Cloud Foundry Cf-deployment, Cloud Foundry Cf-release, Cloud Foundry Uaa and 1 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| In Cloud Foundry Foundation cf-release versions prior to v285; cf-deployment versions prior to v1.7; UAA 4.5.x versions prior to 4.5.5, 4.8.x versions prior to 4.8.3, and 4.7.x versions prior to 4.7.4; and UAA-release 45.7.x versions prior to 45.7, 52.7.x versions prior to 52.7, and 53.3.x versions prior to 53.3, the SessionID is logged in audit event logs. An attacker can use the SessionID to impersonate a logged-in user. | |||||
| CVE-2018-15798 | 1 Pivotal Software | 1 Concourse | 2024-11-21 | 5.8 MEDIUM | 7.6 HIGH |
| Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites. A remote unauthenticated attacker could convince a user to click on a link using the oAuth redirect link with an untrusted website and gain access to that user's access token in Concourse. | |||||
| CVE-2018-15797 | 1 Pivotal Software | 1 Cloud Foundry Nfs Volume | 2024-11-21 | 4.0 MEDIUM | 8.4 HIGH |
| Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to 1.5.4, 1.7.x prior to 1.7.3, logs the cf admin username and password when running the nfsbrokerpush BOSH deploy errand. A remote authenticated user with access to BOSH can obtain the admin credentials for the Cloud Foundry Platform through the logs of the NFS volume deploy errand. | |||||
| CVE-2018-15796 | 1 Pivotal Software | 1 Bits Service | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage. | |||||
| CVE-2018-15795 | 1 Pivotal Software | 1 Credhub Service Broker | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service. | |||||
| CVE-2018-15763 | 1 Pivotal Software | 1 Pivotal Container Service | 2024-11-21 | 4.0 MEDIUM | 9.0 CRITICAL |
| Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs. A malicious user with access to application logs may be able to obtain IaaS credentials and perform actions using these credentials. | |||||
| CVE-2018-15762 | 1 Pivotal Software | 1 Operations Manager | 2024-11-21 | 6.5 MEDIUM | 9.0 CRITICAL |
| Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation. A remote malicious user who has been authenticated may create a new client with administrator privileges for Opsman. | |||||
| CVE-2018-15761 | 1 Pivotal Software | 2 Cloud Foundry Uaa, Cloudfoundry Uaa Release | 2024-11-21 | 6.5 MEDIUM | 9.9 CRITICAL |
| Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges. | |||||