Pivotal CredHub Service Broker, versions before 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pivotal software credhub service broker |