Operations Manager Security Vulnerabilities and Issues — Operations Manager CVE List

Lucene search

Pivotal SoftwareOperations Manager

3 matches found

CVE•added 2016/09/18 2:59 a.m.•29 views

CVE-2016-0883

Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote attackers to bypass session authentication by leveraging knowledge of this key from another installation.

9.8CVSS9.5AI score0.00156EPSS

CVE•added 2018/11/02 10:29 p.m.•26 views

CVE-2018-15762

Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation. A remote malicious user who has been authenticated may create a new client wi...

9CVSS8.7AI score0.00222EPSS

CVE•added 2016/09/18 2:59 a.m.•25 views

CVE-2016-0897

Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators, which has unspecified impact and remote attack vectors.

9.8CVSS9.4AI score0.00478EPSS