CVE-2019-3790 Ops Manager uaa client issues tokens after refresh token expiration

🗓️ 06 Jun 2019 19:16:16Reported by dellType

CVE-2019-3790 Ops Manager security issu

Reporter	Title	Published	Views	Family All 5
CVE	CVE-2019-3790	6 Jun 201919:16	–	cve
EUVD	EUVD-2019-13421	7 Oct 202500:30	–	euvd
NVD	CVE-2019-3790	6 Jun 201919:29	–	nvd
OSV	CVE-2019-3790	6 Jun 201919:29	–	osv
Prion	Design/Logic Flaw	6 Jun 201919:29	–	prion

[
  {
    "product": "Pivotal Ops Manager",
    "vendor": "Pivotal",
    "versions": [
      {
        "lessThan": "2.3.16",
        "status": "affected",
        "version": "2.3",
        "versionType": "custom"
      },
      {
        "lessThan": "2.4.11",
        "status": "affected",
        "version": "2.4",
        "versionType": "custom"
      },
      {
        "lessThan": "2.2.23",
        "status": "affected",
        "version": "2.2",
        "versionType": "custom"
      },
      {
        "lessThan": "2.5.3",
        "status": "affected",
        "version": "2.5",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
pivotal	www.pivotal.io/security/cve-2019-3790
securityfocus	www.securityfocus.com/bid/108512

06 Jun 2019 19:17Current

6.2Medium risk

Vulners AI Score6.2

CVSS 36.1

EPSS0.0006

CWE-324