Vulnerabilities > Pivotal Software > Operations Manager > 2.2.2

DATE CVE VULNERABILITY TITLE RISK
2019-06-06 CVE-2019-3790 Insufficient Session Expiration vulnerability in Pivotal Software Operations Manager
The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x versions prior to 2.3.16, 2.4.x versions prior to 2.4.11, and 2.5.x versions prior to 2.5.3, contain configuration that circumvents refresh token expiration.
network
low complexity
pivotal-software CWE-613
5.5
5.5
2019-03-07 CVE-2019-3776 Cross-site Scripting vulnerability in Pivotal Software Operations Manager
Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x versions prior to 2.2.16, 2.3.x versions prior to 2.3.10, 2.4.x versions prior to 2.4.3, contains a reflected cross site scripting vulnerability. 		3.5
3.5
2018-11-02 CVE-2018-15762 Improper Privilege Management vulnerability in Pivotal Software Operations Manager
Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation.
network
low complexity
pivotal-software CWE-269
6.5
6.5