Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0.21, versions 667.0.x prior to 667.0.7, contain an invitation service that accepts HTTP. A remote unauthenticated user could listen to network traffic and gain access to the authorization credentials used to make the invitation requests.
Advisories
Source ID Title
EUVD EUVD EUVD-2019-13423 Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, versions 666.0.x prior to 666.0.21, versions 667.0.x prior to 667.0.7, contain an invitation service that accepts HTTP. A remote unauthenticated user could listen to network traffic and gain access to the authorization credentials used to make the invitation requests.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2024-09-17T02:42:24.279Z

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3793

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-04-24T16:29:02.263

Modified: 2024-11-21T04:42:33.183

Link: CVE-2019-3793

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.