Vulmon
pivotal software operations manager vulnerabilities and exploits
VMScore: 356
CVE-2019-11292
Pivotal Ops Manager, versions 2.4.x before 2.4.27, 2.5.x before 2.5.24, 2.6.x before 2.6.16, and 2.7.x before 2.7.5, logs all query parameters to Tomcat’s access file. If the query parameters are used to provide authentication, i.e. credentials, then they will be logged as w...
Pivotal Software Operations Manager
VMScore: 445
CVE-2019-11270
Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'clients.write' authority or scope can bypass the restrictions imposed on clients created via 'clients.write' and create clients with arbitrary scopes t...
Pivotal Software Operations Manager
Pivotal Software Application Service
Pivotal Software Cloud Foundry Uaa
VMScore: 490
CVE-2019-3790
The Pivotal Ops Manager, 2.2.x versions before 2.2.23, 2.3.x versions before 2.3.16, 2.4.x versions before 2.4.11, and 2.5.x versions before 2.5.3, contain configuration that circumvents refresh token expiration. A remote authenticated user can gain access to a browser session th...
Pivotal Software Operations Manager
VMScore: 312
CVE-2019-3776
Pivotal Operations Manager, 2.1.x versions before 2.1.20, 2.2.x versions before 2.2.16, 2.3.x versions before 2.3.10, 2.4.x versions before 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interac...
Pivotal Software Operations Manager
VMScore: 578
CVE-2018-15762
Pivotal Operations Manager, versions 2.0.x before 2.0.24, versions 2.1.x before 2.1.15, versions 2.2.x before 2.2.7, and versions 2.3.x before 2.3.1, grants all users a scope which allows for privilege escalation. A remote malicious user who has been authenticated may create a ne...
Pivotal Software Operations Manager
VMScore: 356
CVE-2018-11081
Pivotal Operations Manager, versions 2.2.x before 2.2.1, 2.1.x before 2.1.11, 2.0.x before 2.0.16, and 1.11.x before 2, fails to write the Operations Manager UAA config onto the temp RAM disk, thus exposing the configs directly onto disk. A remote user that has gained access to t...
Pivotal Software Operations Manager
VMScore: 383
CVE-2018-11045
Pivotal Operations Manager, versions 2.1 before 2.1.6 and 2.0 before 2.0.15 and 1.12 before 1.12.22, contains a static Linux Random Number Generator (LRNG) seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager ...
Pivotal Software Operations Manager
VMScore: 356
CVE-2018-11046
Pivotal Operations Manager, versions 2.1.x before 2.1.6 and version 2.0.14, includes NGINX packages that lack security vulnerability patches. An attacker with access to the NGINX processes and knowledge of how to exploit the unpatched vulnerabilities may be able to impact Operat...
Pivotal Software Operations Manager
Pivotal Software Operations Manager 2.0.14
VMScore: 668
CVE-2016-0897
Pivotal Cloud Foundry (PCF) Ops Manager prior to 1.6.17 and 1.7.x prior to 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators, which has unspecified impact and remote attack vectors.
Pivotal Software Operations Manager 1.7.1
Pivotal Software Operations Manager 1.7.3
Pivotal Software Operations Manager 1.7.5
Pivotal Software Operations Manager 1.7.6
Pivotal Software Operations Manager 1.7.7
Pivotal Software Operations Manager
Pivotal Software Operations Manager 1.7.0
Pivotal Software Operations Manager 1.7.2
Pivotal Software Operations Manager 1.7.4
VMScore: 445
CVE-2016-0883
Pivotal Cloud Foundry (PCF) Ops Manager prior to 1.5.14 and 1.6.x prior to 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote malicious users to bypass session authentication by leveraging knowledge of this key from anoth...
Pivotal Software Operations Manager
Pivotal Software Operations Manager 1.6.1
Pivotal Software Operations Manager 1.6.6
Pivotal Software Operations Manager 1.6.8
Pivotal Software Operations Manager 1.6.2
Pivotal Software Operations Manager 1.6.3
Pivotal Software Operations Manager 1.6.4
Pivotal Software Operations Manager 1.6.5
Pivotal Software Operations Manager 1.6.0
Pivotal Software Operations Manager 1.6.7