VYPR
Unrated severityNVD Advisory· Published Jul 23, 2019· Updated Sep 16, 2024

PKS Telemetry logs credentials

CVE-2019-11273

Description

Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and versions 1.4.x prior to 1.4.1, contains a vulnerable component which logs the username and password to the billing database. A remote authenticated user with access to those logs may be able to retrieve non-sensitive information.

Affected products

2
  • Pivot/Pivotllm-fuzzy
    Range: >=1.3.0, <1.3.7 or >=1.4.0, <1.4.1
  • Pivotal/Pivotal Container Service (PKS)v5
    Range: 1.3.x prior to 1.3.7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.