CVE-2018-15762
Pivotal Operations Manager gives all users heightened privileges
Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation. A remote malicious user who has been authenticated may create a new client with administrator privileges for Opsman.
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
Pivotal Cloud Foundry · Pivotal Operations ManagerQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://pivotal.io/security/cve-2018-15762