HIGH🇬🇧 English

CVE-2019-3776

CVSS 7.2v3.0pub. 2019-03-07upd. 2024-11-21

Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interact with malicious content could execute arbitrary JavaScript in the user's browser.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L
  • Pivotal Software Operations Manager

    APP
    Pivotal Software
    2.1.0 – 2.1.20 (bez)2.2.0 – 2.2.16 (bez)2.3.0 – 2.3.10 (bez)2.4.0 – 2.4.3 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2018-15762CRITICAL9.0ten sam produkt

Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x pri...

CVE-2016-0883CRITICAL9.8ten sam produkt

Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption k...

CVE-2016-0897CRITICAL9.8ten sam produkt

Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before 1.7.8, when vCloud or vSphere is used, ...

CVE-2019-11270HIGH7.5ten sam produkt

Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability where a malicious client possessing the 'c...

CVE-2018-11081HIGH7.9ten sam produkt

Pivotal Operations Manager, versions 2.2.x prior to 2.2.1, 2.1.x prior to 2.1.11, 2.0.x prior to 2.0.16, and 1...