CVE-2019-11273

Summary

Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information.

Affected Software

VendorProductVersion RangeStatus
PivotalPivotal Container Service (PKS)1.3.x prior to 1.3.7affected
PivotalPivotal Container Service (PKS)1.4.x prior to 1.4.1affected

Weaknesses

  • CWE-532: CWE-532: Information Exposure Through Log Files

ADP Enrichment

CVE Program Container

Additional References

References