CVE-2018-11046
Summary
| CVE | CVE-2018-11046 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-06-25 15:29:00 UTC |
| Updated | 2018-08-30 13:08:00 UTC |
| Description | Pivotal Operations Manager, versions 2.1.x prior to 2.1.6 and version 2.0.14, includes NGINX packages that lacks security vulnerability patches. An attacker with access to the NGINX processes and knowledge of how to exploit the unpatched vulnerabilities may be able to impact Operations Manager |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Pivotal Software | Operations Manager | All | All | All | All |
| Application | Pivotal Software | Operations Manager | 2.0.14 | All | All | All |
| Application | Pivotal Software | Operations Manager | All | All | All | All |
| Application | Pivotal Software | Operations Manager | 2.0.14 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVE-2018-11046: Operations Manager includes outdated NGINX packages | Security | Pivotal | CONFIRM | pivotal.io | Mitigation, Vendor Advisory |
| Pivotal Operations Manager CVE-2018-11046 Security Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.