Pivotal Software: >> Pivotal Container Service Security Vulnerabilities
Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information.
CVSS Score
2.2
EPSS Score
0.002
Published
2019-07-23
Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs. A malicious user with access to application logs may be able to obtain IaaS credentials and perform actions using these credentials.
CVSS Score
9.0
EPSS Score
0.002
Published
2018-10-05