Описание
Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before 1.7.10, when vCloud or vSphere is used, has a default password for compilation VMs, which allows remote attackers to obtain SSH access by connecting within an installation-time period during which these VMs exist.
Уязвимые конфигурации
Конфигурация 1Версия до 1.6.18 (включая)
Одно из
cpe:2.3:a:pivotal:operations_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:operations_manager:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:operations_manager:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:operations_manager:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:operations_manager:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:operations_manager:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:operations_manager:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:operations_manager:1.7.6:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:operations_manager:1.7.7:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:operations_manager:1.7.8:*:*:*:*:*:*:*
cpe:2.3:a:pivotal:operations_manager:1.7.9:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00342
Низкий
9.8 Critical
CVSS3
5 Medium
CVSS2
Дефекты
CWE-362
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.19 and 1.7.x before 1.7.10, when vCloud or vSphere is used, has a default password for compilation VMs, which allows remote attackers to obtain SSH access by connecting within an installation-time period during which these VMs exist.
EPSS
Процентиль: 56%
0.00342
Низкий
9.8 Critical
CVSS3
5 Medium
CVSS2
Дефекты
CWE-362