CVE-2018-11046

Pivotal Operations Manager, versions 2.1.x prior to 2.1.6 and version 2.0.14, includes NGINX packages that lacks security vulnerability patches. An attacker with access to the NGINX processes and knowledge of how to exploit the unpatched vulnerabilities may be able to impact Operations Manager

Published: Jun 25, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-11046
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
pivotal_software / operations_manager	2.0.14	2.0.14.x
pivotal_software / operations_manager	2.1.0	2.1.6

http://www.securityfocus.com/bid/104545
https://pivotal.io/security/cve-2018-11046

Vulnerability Database

289,599

CVE-2018-11046