Pivotal Ops Manager CVE-2019-11271 Local Information Disclosure Vulnerability

2019-06-2800:00:00

Symantec Security Response

www.symantec.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

Description

Pivotal Ops Manager is prone to local information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks.

Technologies Affected

Pivotal Cloud Foundry Ops Manager 2.3
Pivotal Cloud Foundry Ops Manager 2.3.0
Pivotal Cloud Foundry Ops Manager 2.3.1
Pivotal Cloud Foundry Ops Manager 2.3.10
Pivotal Cloud Foundry Ops Manager 2.3.11
Pivotal Cloud Foundry Ops Manager 2.3.12
Pivotal Cloud Foundry Ops Manager 2.3.14
Pivotal Cloud Foundry Ops Manager 2.3.15
Pivotal Cloud Foundry Ops Manager 2.3.16
Pivotal Cloud Foundry Ops Manager 2.3.2
Pivotal Cloud Foundry Ops Manager 2.3.3
Pivotal Cloud Foundry Ops Manager 2.3.4
Pivotal Cloud Foundry Ops Manager 2.3.5
Pivotal Cloud Foundry Ops Manager 2.3.6
Pivotal Cloud Foundry Ops Manager 2.3.7
Pivotal Cloud Foundry Ops Manager 2.3.8
Pivotal Cloud Foundry Ops Manager 2.3.9
Pivotal Cloud Foundry Ops Manager 2.4
Pivotal Cloud Foundry Ops Manager 2.4.0
Pivotal Cloud Foundry Ops Manager 2.4.1
Pivotal Cloud Foundry Ops Manager 2.4.10
Pivotal Cloud Foundry Ops Manager 2.4.11
Pivotal Cloud Foundry Ops Manager 2.4.12
Pivotal Cloud Foundry Ops Manager 2.4.2
Pivotal Cloud Foundry Ops Manager 2.4.3
Pivotal Cloud Foundry Ops Manager 2.4.4
Pivotal Cloud Foundry Ops Manager 2.4.5
Pivotal Cloud Foundry Ops Manager 2.4.6
Pivotal Cloud Foundry Ops Manager 2.4.7
Pivotal Cloud Foundry Ops Manager 2.4.8
Pivotal Cloud Foundry Ops Manager 2.4.9
Pivotal Cloud Foundry Ops Manager 2.5.0
Pivotal Cloud Foundry Ops Manager 2.5.1
Pivotal Cloud Foundry Ops Manager 2.5.2
Pivotal Cloud Foundry Ops Manager 2.5.3

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Given the local nature of this issue, grant only trusted and accountable individuals access to affected computers.

Updates are available. Please see the references or vendor advisory for more information.

CPENameOperatorVersion
pivotal cloud foundry ops managereq2.4.9
pivotal cloud foundry ops managereq2.4.7
pivotal cloud foundry ops managereq2.4.4
pivotal cloud foundry ops managereq2.3
pivotal cloud foundry ops managereq2.3.15
pivotal cloud foundry ops managereq2.3.0
pivotal cloud foundry ops managereq2.3.11
pivotal cloud foundry ops managereq2.5.1
pivotal cloud foundry ops managereq2.5.0
pivotal cloud foundry ops managereq2.3.7

Name	Operator	Version
pivotal cloud foundry ops manager	eq	2.4.9
pivotal cloud foundry ops manager	eq	2.4.7
pivotal cloud foundry ops manager	eq	2.4.4
pivotal cloud foundry ops manager	eq	2.3
pivotal cloud foundry ops manager	eq	2.3.15
pivotal cloud foundry ops manager	eq	2.3.0
pivotal cloud foundry ops manager	eq	2.3.11
pivotal cloud foundry ops manager	eq	2.5.1
pivotal cloud foundry ops manager	eq	2.5.0
pivotal cloud foundry ops manager	eq	2.3.7

Rows per page:

1-10 of 351

References

pivotal.io/about

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for SMNTC-110999