CVE-2018-15759

2018-11-19T14:29:00
ID CVE-2018-15759
Type cve
Reporter cve@mitre.org
Modified 2019-10-09T23:35:00

Description

Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. A remote unauthenticated malicious user may make many requests to the service broker with different credentials, allowing them to infer valid credentials and gain access to perform broker operations.