Vulnerabilities > Pivotal Software > Application Service > 2.2.4

DATE CVE VULNERABILITY TITLE RISK
2019-03-07 CVE-2019-3777 Improper Certificate Validation vulnerability in Pivotal Software Application Service
Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, 2.3.x prior to 2.3.7 and 2.4.x prior to 2.4.3, contain apps manager that uses a cloud controller proxy that fails to verify SSL certs.
network
low complexity
pivotal-software CWE-295
critical
 9.8
9.8