Privilege Escalation Vulnerability in Pivotal Operations Manager

Privilege Escalation Vulnerability in Pivotal Operations Manager

CVE-2018-15762 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation. A remote malicious user who has been authenticated may create a new client with administrator privileges for Opsman.

Learn more about our User Device Pen Test.