Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Application Service by Pivotal

    CVE-2018-11088 (GCVE-0-2018-11088)

    Vulnerability from nvd – Published: 2018-09-17 16:00 – Updated: 2024-09-17 03:14
    VLAI
    Summary
    Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role.
    Severity
    No CVSS data available.
    CWE
    • Credential leak
    Assigner
    References
    URL Tags
    https://pivotal.io/security/cve-2018-11088 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Pivotal Application Service Affected: 2.0 , < 2.0.21 (custom)
    Affected: 2.1 , < 2.1.13 (custom)
    Affected: 2.2 , < 2.2.5 (custom)
    Create a notification for this product.
    Date Public
    2018-09-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:54:36.479Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://pivotal.io/security/cve-2018-11088"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Application Service",
              "vendor": "Pivotal",
              "versions": [
                {
                  "lessThan": "2.0.21",
                  "status": "affected",
                  "version": "2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.1.13",
                  "status": "affected",
                  "version": "2.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.2.5",
                  "status": "affected",
                  "version": "2.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2018-09-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Credential leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-17T15:57:01.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://pivotal.io/security/cve-2018-11088"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security_alert@emc.com",
              "DATE_PUBLIC": "2018-09-13T04:00:00.000Z",
              "ID": "CVE-2018-11088",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Application Service",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.0",
                                "version_value": "2.0.21"
                              },
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.1",
                                "version_value": "2.1.13"
                              },
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.2",
                                "version_value": "2.2.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pivotal"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Credential leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://pivotal.io/security/cve-2018-11088",
                  "refsource": "CONFIRM",
                  "url": "https://pivotal.io/security/cve-2018-11088"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2018-11088",
        "datePublished": "2018-09-17T16:00:00.000Z",
        "dateReserved": "2018-05-14T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:14:36.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-11086 (GCVE-0-2018-11086)

    Vulnerability from nvd – Published: 2018-09-17 16:00 – Updated: 2024-09-16 20:58
    VLAI
    Summary
    Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role.
    Severity
    No CVSS data available.
    CWE
    • Credential leak
    Assigner
    References
    URL Tags
    https://pivotal.io/security/cve-2018-11086 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Pivotal Application Service Affected: 2.0 , < 2.0.21 (custom)
    Affected: 2.1 , < 2.1.13 (custom)
    Affected: 2.2 , < 2.2.5 (custom)
    Create a notification for this product.
    Date Public
    2018-09-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:54:36.637Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://pivotal.io/security/cve-2018-11086"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Application Service",
              "vendor": "Pivotal",
              "versions": [
                {
                  "lessThan": "2.0.21",
                  "status": "affected",
                  "version": "2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.1.13",
                  "status": "affected",
                  "version": "2.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.2.5",
                  "status": "affected",
                  "version": "2.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2018-09-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Credential leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-17T15:57:01.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://pivotal.io/security/cve-2018-11086"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security_alert@emc.com",
              "DATE_PUBLIC": "2018-09-13T04:00:00.000Z",
              "ID": "CVE-2018-11086",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Application Service",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.0",
                                "version_value": "2.0.21"
                              },
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.1",
                                "version_value": "2.1.13"
                              },
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.2",
                                "version_value": "2.2.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pivotal"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Credential leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://pivotal.io/security/cve-2018-11086",
                  "refsource": "CONFIRM",
                  "url": "https://pivotal.io/security/cve-2018-11086"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2018-11086",
        "datePublished": "2018-09-17T16:00:00.000Z",
        "dateReserved": "2018-05-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:58:01.148Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-11086 (GCVE-0-2018-11086)

    Vulnerability from cvelistv5 – Published: 2018-09-17 16:00 – Updated: 2024-09-16 20:58
    VLAI
    Summary
    Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role.
    Severity
    No CVSS data available.
    CWE
    • Credential leak
    Assigner
    References
    URL Tags
    https://pivotal.io/security/cve-2018-11086 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Pivotal Application Service Affected: 2.0 , < 2.0.21 (custom)
    Affected: 2.1 , < 2.1.13 (custom)
    Affected: 2.2 , < 2.2.5 (custom)
    Create a notification for this product.
    Date Public
    2018-09-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:54:36.637Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://pivotal.io/security/cve-2018-11086"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Application Service",
              "vendor": "Pivotal",
              "versions": [
                {
                  "lessThan": "2.0.21",
                  "status": "affected",
                  "version": "2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.1.13",
                  "status": "affected",
                  "version": "2.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.2.5",
                  "status": "affected",
                  "version": "2.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2018-09-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Credential leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-17T15:57:01.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://pivotal.io/security/cve-2018-11086"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security_alert@emc.com",
              "DATE_PUBLIC": "2018-09-13T04:00:00.000Z",
              "ID": "CVE-2018-11086",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Application Service",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.0",
                                "version_value": "2.0.21"
                              },
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.1",
                                "version_value": "2.1.13"
                              },
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.2",
                                "version_value": "2.2.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pivotal"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Credential leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://pivotal.io/security/cve-2018-11086",
                  "refsource": "CONFIRM",
                  "url": "https://pivotal.io/security/cve-2018-11086"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2018-11086",
        "datePublished": "2018-09-17T16:00:00.000Z",
        "dateReserved": "2018-05-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:58:01.148Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-11088 (GCVE-0-2018-11088)

    Vulnerability from cvelistv5 – Published: 2018-09-17 16:00 – Updated: 2024-09-17 03:14
    VLAI
    Summary
    Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role.
    Severity
    No CVSS data available.
    CWE
    • Credential leak
    Assigner
    References
    URL Tags
    https://pivotal.io/security/cve-2018-11088 x_refsource_CONFIRM
    Impacted products
    Vendor Product Version
    Pivotal Application Service Affected: 2.0 , < 2.0.21 (custom)
    Affected: 2.1 , < 2.1.13 (custom)
    Affected: 2.2 , < 2.2.5 (custom)
    Create a notification for this product.
    Date Public
    2018-09-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T07:54:36.479Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://pivotal.io/security/cve-2018-11088"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Application Service",
              "vendor": "Pivotal",
              "versions": [
                {
                  "lessThan": "2.0.21",
                  "status": "affected",
                  "version": "2.0",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.1.13",
                  "status": "affected",
                  "version": "2.1",
                  "versionType": "custom"
                },
                {
                  "lessThan": "2.2.5",
                  "status": "affected",
                  "version": "2.2",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2018-09-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Credential leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-17T15:57:01.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://pivotal.io/security/cve-2018-11088"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security_alert@emc.com",
              "DATE_PUBLIC": "2018-09-13T04:00:00.000Z",
              "ID": "CVE-2018-11088",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Application Service",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.0",
                                "version_value": "2.0.21"
                              },
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.1",
                                "version_value": "2.1.13"
                              },
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_name": "2.2",
                                "version_value": "2.2.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Pivotal"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Credential leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://pivotal.io/security/cve-2018-11088",
                  "refsource": "CONFIRM",
                  "url": "https://pivotal.io/security/cve-2018-11088"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2018-11088",
        "datePublished": "2018-09-17T16:00:00.000Z",
        "dateReserved": "2018-05-14T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:14:36.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }