Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0.21, versions 667.0.x prior to 667.0.7, contain an invitation service that accepts HTTP. A remote unauthenticated user could listen to network traffic and gain access to the authorization credentials used to make the invitation requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://pivotal.io/security/cve-2019-3793 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2019-04-24T15:21:10.482554Z
Updated: 2024-09-17T02:42:24.279Z
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3793
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-04-24T16:29:02.263
Modified: 2024-11-21T04:42:33.183
Link: CVE-2019-3793
Redhat
No data.