CVE-2018-15762— Pivotal Operations Manager gives all users heightened privileges

Pivotal Operations Manager gives all users heightened privileges

Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation. A remote malicious user who has been authenticated may create a new client with administrator privileges for Opsman.

N/A

N/A

Pivotal Operations Manager 权限许可和访问控制漏洞

Pivotal Operations Manager是美国Pivotal Software公司的一套Cloud Foundry自动化管理解决方案。该方案能够自动化部署、升级和管理Cloud Foundry平台。 Pivotal Operations Manager中存在提权漏洞。远程攻击者可利用该漏洞提升权限。以下版本受到影响：2.0.24之前的2.0.x版本，2.1.15之前的2.1.x版本，2.2.7之前的2.2.x版本，2.3.1之前的2.3.x版本。

N/A

N/A