Vulnerabilities > Pivotal Software > Operations Manager > 2.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-07 | CVE-2019-3776 | Cross-site Scripting vulnerability in Pivotal Software Operations Manager Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. | 5.4 |
| 2018-11-02 | CVE-2018-15762 | Improper Privilege Management vulnerability in Pivotal Software Operations Manager Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation. | 8.8 |
| 2018-10-05 | CVE-2018-11081 | Unspecified vulnerability in Pivotal Software Operations Manager Pivotal Operations Manager, versions 2.2.x prior to 2.2.1, 2.1.x prior to 2.1.11, 2.0.x prior to 2.0.16, and 1.11.x prior to 2, fails to write the Operations Manager UAA config onto the temp RAM disk, thus exposing the configs directly onto disk. | 8.8 |
| 2018-07-11 | CVE-2018-11045 | Use of Insufficiently Random Values vulnerability in Pivotal Software Operations Manager Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to 1.12.22, contains a static Linux Random Number Generator (LRNG) seed file embedded in the appliance image. | 5.9 |
| 2018-06-25 | CVE-2018-11046 | Improper Input Validation vulnerability in Pivotal Software Operations Manager Pivotal Operations Manager, versions 2.1.x prior to 2.1.6 and version 2.0.14, includes NGINX packages that lacks security vulnerability patches. | 6.5 |