Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Pivotal Cloud Foundry (PCF) Ops Manager before 1.5.14 and 1.6.x before 1.6.9 uses the same cookie-encryption key across different customers' installations, which allows remote attackers to bypass session authentication by leveraging knowledge of this key from another installation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Pivotal Cloud Foundry Ops Manager 安全漏洞
Vulnerability Description
Pivotal Cloud Foundry(PCF)是美国Pivotal Software公司的一套开源的平台即服务(PaaS)云计算平台,它提供容器调度、持续交付和自动化服务部署等功能。PCF Ops Manager是其中的一个用于部署、在线升级、配置的管理工具。 PCF Ops Manager 1.5.14之前的版本和1.6.9之前的1.6.x版本中存在安全漏洞,该漏洞源于程序对不同用户的实例使用相同的cookie-encryption密钥。远程攻击者可借助已知的其它安装的密钥利用该漏洞绕过会话身份验
CVSS Information
N/A
Vulnerability Type
N/A