VYPR
High severity8.8NVD Advisory· Published Sep 17, 2018· Updated Jun 17, 2026

CVE-2018-11088

CVE-2018-11088

Description

Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role.

Affected products

2
  • Pivot/Pivotllm-fuzzy
    Range: <2.0.21 || <2.1.13 || <2.2.5
  • Pivotal/Application Servicev5
    Range: 2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.