Vulnerability Details CVE-2018-1200
Apps Manager for PCF (Pivotal Application Service 1.11.x before 1.11.26, 1.12.x before 1.12.14, and 2.0.x before 2.0.5) allows unprivileged remote file read in its container via specially-crafted links.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2018-1200
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.0
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.1
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.10
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.11
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.12
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.13
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.14
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.15
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.16
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.17
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.18
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.19
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.2
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.20
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.21
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.22
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.23
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.24
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.25
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.3
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.4
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.5
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.6
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.7
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.8
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.11.9
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.0
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.1
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.10
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.11
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.12
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.13
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.2
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.3
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.4
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.5
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.6
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.7
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.8
-
cpe:2.3:a:pivotal_software:pivotal_application_service:1.12.9
-
cpe:2.3:a:pivotal_software:pivotal_application_service:2.0.0
-
cpe:2.3:a:pivotal_software:pivotal_application_service:2.0.1
-
cpe:2.3:a:pivotal_software:pivotal_application_service:2.0.2
-
cpe:2.3:a:pivotal_software:pivotal_application_service:2.0.3
-
cpe:2.3:a:pivotal_software:pivotal_application_service:2.0.4