Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0.21, versions 667.0.x prior to 667.0.7, contain an invitation service that accepts HTTP. A remote unauthenticated user could listen to network traffic and gain access to the authorization credentials used to make the invitation requests.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2019-04-24T15:21:10.482554Z

Updated: 2024-09-17T02:42:24.279Z

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3793

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-04-24T16:29:02.263

Modified: 2024-11-21T04:42:33.183

Link: CVE-2019-3793

cve-icon Redhat

No data.