Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role.
References
Link | Resource |
---|---|
https://pivotal.io/security/cve-2018-11088 | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2018-09-13T00:00:00
Updated: 2018-09-17T15:57:01
Reserved: 2018-05-14T00:00:00
Link: CVE-2018-11088
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-09-17T16:29:00.427
Modified: 2019-10-03T00:03:26.223
Link: CVE-2018-11088
JSON object: View
Redhat Information
No data.
CWE