Information Disclosure Vulnerability in Pivotal Container Service (versions prior to 1.2.0) Exposes IaaS Credentials in Application Logs

Information Disclosure Vulnerability in Pivotal Container Service (versions prior to 1.2.0) Exposes IaaS Credentials in Application Logs

CVE-2018-15763 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs. A malicious user with access to application logs may be able to obtain IaaS credentials and perform actions using these credentials.

Learn more about our User Device Pen Test.