CVE-2019-11273

Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information.

Published : 2019-07-23 23:15 Updated : 2019-09-11 14:48

4.0
CVSS Score More info
Score 4.0 / 10
4.0
Vendor Product Version URI
Pivotal Software Pivotal Container Service 1.3.0 cpe:/a:pivotal_software:pivotal_container_service:1.3.0
Pivotal Software Pivotal Container Service 1.3.1 cpe:/a:pivotal_software:pivotal_container_service:1.3.1
Pivotal Software Pivotal Container Service 1.3.2 cpe:/a:pivotal_software:pivotal_container_service:1.3.2
Pivotal Software Pivotal Container Service 1.3.3 cpe:/a:pivotal_software:pivotal_container_service:1.3.3
Pivotal Software Pivotal Container Service 1.3.4 cpe:/a:pivotal_software:pivotal_container_service:1.3.4
Pivotal Software Pivotal Container Service 1.3.5 cpe:/a:pivotal_software:pivotal_container_service:1.3.5
Pivotal Software Pivotal Container Service 1.3.6 cpe:/a:pivotal_software:pivotal_container_service:1.3.6
Pivotal Software Pivotal Container Service 1.4.0 cpe:/a:pivotal_software:pivotal_container_service:1.4.0
  1. Pivotal Software (1) Search CVE
    1. Pivotal Container Service (8) Search CVE
      1. 1.3.0
      2. 1.3.1
      3. 1.3.2
      4. 1.3.3
      5. 1.3.4
      6. 1.3.5
      7. 1.3.6
      8. 1.4.0

CWE

ID Name Description Links
CWE-200 Information Exposure An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information. CVE

Reference

History of changes

Date Event
2019-09-11 14:48
2019-07-25 13:48
2019-07-23 23:15

New CVE