Lucene search
+L

14 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-13421

Malware in sbrugna...

6.1CVSS5.9AI score0.00663EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-2976

Malware in sbrugna...

8.8CVSS7.6AI score0.01075EPSS
Exploits0References2
nvd
nvd
added 2020/01/09 12:15 a.m.20 views

CVE-2019-11292

Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2.5.24, 2.6.x prior to 2.6.16, and 2.7.x prior to 2.7.5, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well...

8.8CVSS7AI score0.01075EPSS
Exploits0References1
osv
osv
added 2020/01/09 12:15 a.m.6 views

CVE-2019-11292

Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2.5.24, 2.6.x prior to 2.6.16, and 2.7.x prior to 2.7.5, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well...

6.5CVSS6.9AI score0.01075EPSS
Exploits0References1
prion
prion
added 2020/01/09 12:15 a.m.21 views

Authentication flaw

Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2.5.24, 2.6.x prior to 2.6.16, and 2.7.x prior to 2.7.5, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well...

4CVSS8.5AI score0.01075EPSS
Exploits0References1Affected Software1
cnvd
cnvd
added 2020/01/09 12:0 a.m.4 views

Pivotal Ops Manager Information Disclosure Vulnerability

Pivotal Software Ops Manager is a set of open source Platform-as-a-Service PaaS cloud computing platform from US-based Pivotal Software. The platform can provide container scheduling, continuous delivery and automated service deployment and other functions. An information disclosure vulnerability...

8.8CVSS6.2AI score0.01075EPSS
Exploits0References1
cve
cve
added 2020/01/08 11:55 p.m.92 views

CVE-2019-11292

CVE-2019-11292 affects Pivotal Ops Manager: versions 2.4.x before 2.4.27, 2.5.x before 2.5.24, 2.6.x before 2.6.16, and 2.7.x before 2.7.5 log all query parameters to Tomcat’s access log; if params serve authentication, credentials may be logged. Root cause: parameter logging leakage into logs. I...

8.8CVSS6.8AI score0.01075EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2020/01/08 11:55 p.m.24 views

CVE-2019-11292 Pivotal Ops Manager logs query parameters in tomcat access file

Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2.5.24, 2.6.x prior to 2.6.16, and 2.7.x prior to 2.7.5, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well...

8.8CVSS6.4AI score0.01075EPSS
Exploits0References1
symantec
symantec
added 2019/06/28 12:0 a.m.24 views

Pivotal Ops Manager CVE-2019-11271 Local Information Disclosure Vulnerability

Description Pivotal Ops Manager is prone to local information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Technologies Affected Pivotal Cloud Foundry Ops Manager 2.3 Pivotal Cloud Foundry Ops Manager 2.3.0...

2.1CVSS1.1AI score0.00286EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2019/06/06 7:29 p.m.19 views

CVE-2019-3790

The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x versions prior to 2.4.11, and 2.5.x versions prior to 2.5.3, contain configuration that circumvents refresh token expiration. A remote authenticated user can gain access to a browser session that was...

6.1CVSS6.1AI score0.00663EPSS
Exploits0References2
prion
prion
added 2019/06/06 7:29 p.m.13 views

Design/Logic Flaw

The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x versions prior to 2.4.11, and 2.5.x versions prior to 2.5.3, contain configuration that circumvents refresh token expiration. A remote authenticated user can gain access to a browser session that was...

5.5CVSS5.4AI score0.00663EPSS
Exploits0References2Affected Software1
osv
osv
added 2019/06/06 7:29 p.m.4 views

CVE-2019-3790

The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x versions prior to 2.4.11, and 2.5.x versions prior to 2.5.3, contain configuration that circumvents refresh token expiration. A remote authenticated user can gain access to a browser session that was...

5.4CVSS5.8AI score0.00663EPSS
Exploits0References2
cve
cve
added 2019/06/06 7:16 p.m.174 views

CVE-2019-3790

CVE-2019-3790 affects Pivotal Ops Manager: versions 2.2.x before 2.2.23, 2.3.x before 2.3.16, 2.4.x before 2.4.11, and 2.5.x before 2.5.3. The vulnerability stems from configuration that circumvents refresh token expiration, allowing a remote authenticated user to reuse an expired session and acc...

6.1CVSS5.5AI score0.00663EPSS
Exploits0References2Affected Software1
cnvd
cnvd
added 2016/07/17 12:0 a.m.5 views

Pivotal Software Ops Manager HTML Injection Vulnerability

Pivotal Software PCF Ops Manager is a set of consoles for installing, upgrading and changing PCFs from Pivotal Software, USA. An HTML injection vulnerability exists in Pivotal Software Ops Manager version 1.6.x prior to 1.6.17. An attacker can exploit this vulnerability to execute arbitrary scrip...

6.1CVSS7.6AI score0.00999EPSS
Exploits0References1
Rows per page
Query Builder