Application Service Security Vulnerabilities and Issues — Application Service CVE List

Lucene search

PivotalApplication Service

3 matches found

CVE•added 2019/08/05 5:15 p.m.•76 views

CVE-2019-3800

CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the lea...

7.8CVSS6.5AI score0.00205EPSS

CVE•added 2018/09/17 4:29 p.m.•37 views

CVE-2018-11086

Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin c...

8.8CVSS8.8AI score0.00335EPSS

CVE•added 2018/09/17 4:29 p.m.•34 views

CVE-2018-11088

Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF ...

8.8CVSS8.8AI score0.00335EPSS