CVE-2019-3790
CVE-2019-3790 affects Pivotal Ops Manager: versions 2.2.x before 2.2.23, 2.3.x before 2.3.16, 2.4.x before 2.4.11, and 2.5.x before 2.5.3. The vulnerability stems from configuration that circumvents refresh token expiration, allowing a remote authenticated user to reuse an expired session and acc...