Pivotal Software: >> Operations Manager >> 1.5.13 Security Vulnerabilities
Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17 and 1.7.x before 1.7.8, when vCloud or vSphere is used, does not properly enable SSH access for operators, which has unspecified impact and remote attack vectors.
CVSS Score
9.8
EPSS Score
0.005
Published
2016-09-18
Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote attackers to bypass session authentication by leveraging knowledge of this key from another installation.
CVSS Score
9.8
EPSS Score
0.002
Published
2016-09-18