CVE-2019-11273
2.2
CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
Summary
Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Pivotal | Pivotal Container Service (PKS) | 1.3.x prior to 1.3.7 | affected |
| Pivotal | Pivotal Container Service (PKS) | 1.4.x prior to 1.4.1 | affected |
Weaknesses
- CWE-532: CWE-532: Information Exposure Through Log Files
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.