CVE-2018-11088
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role.
Pivotal Applications Manager en Pivotal Application Service, en versiones 2.0 anteriores a la 2.0.21 y versiones 2.1 anteriores a la 2.1.13 y versiones 2.2 anteriores a la 2.2.5, contiene un error que podría permitir el escalado de privilegios. Un desarrollador de espacio con acceso al org del sistema podría ser capaz de acceder a un artefacto que contiene las credenciales de administrador CF, lo que les permite escalar a un rol admin.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-05-14 CVE Reserved
- 2018-09-17 CVE Published
- 2023-03-07 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://pivotal.io/security/cve-2018-11088 | 2019-10-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Pivotal Software Search vendor "Pivotal Software" | Pivotal Application Service Search vendor "Pivotal Software" for product "Pivotal Application Service" | >= 2.0.0 < 2.0.21 Search vendor "Pivotal Software" for product "Pivotal Application Service" and version " >= 2.0.0 < 2.0.21" | - |
Affected
| ||||||
Pivotal Software Search vendor "Pivotal Software" | Pivotal Application Service Search vendor "Pivotal Software" for product "Pivotal Application Service" | >= 2.1.0 < 2.1.13 Search vendor "Pivotal Software" for product "Pivotal Application Service" and version " >= 2.1.0 < 2.1.13" | - |
Affected
| ||||||
Pivotal Software Search vendor "Pivotal Software" | Pivotal Application Service Search vendor "Pivotal Software" for product "Pivotal Application Service" | >= 2.2.0 < 2.2.5 Search vendor "Pivotal Software" for product "Pivotal Application Service" and version " >= 2.2.0 < 2.2.5" | - |
Affected
|