Vulnerabilities > Pivotal Software > Operations Manager > 2.1.10

DATE CVE VULNERABILITY TITLE RISK
2019-03-07 CVE-2019-3776 Cross-site Scripting vulnerability in Pivotal Software Operations Manager
Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. 		3.5
3.5
2018-11-02 CVE-2018-15762 Improper Privilege Management vulnerability in Pivotal Software Operations Manager
Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation.
network
low complexity
pivotal-software CWE-269
6.5
6.5
2018-10-05 CVE-2018-11081 Unspecified vulnerability in Pivotal Software Operations Manager
Pivotal Operations Manager, versions 2.2.x prior to 2.2.1, 2.1.x prior to 2.1.11, 2.0.x prior to 2.0.16, and 1.11.x prior to 2, fails to write the Operations Manager UAA config onto the temp RAM disk, thus exposing the configs directly onto disk.
network
low complexity
pivotal-software
4.0
4.0