Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA…
dell·CWE-338·Published 2018-11-13
Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service.
Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service.
Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service.
Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service.
Dell EMC RecoverPoint, en versiones anteriores a la 5.1.2.1 y RecoverPoint for VMs en versiones anteriores a la 5.2.0.2, contienen una vulnerabilidad de consumo de recursos no controlado. Un usuario boxmgmt malicioso podría ser capaz de consumir grandes cantidades de banda ancha de CPU para hacer que el sistema se ralentice o determine la existencia de cualquier archivo del sistema mediante la interfaz de línea de comandos de Boxmgmt.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 5.5 | 8.0 | 4.9 | AV:N/AC:L/Au:S/C:P/I:P/A:N |
| 3.0 | Primary | cve.org | 8.1 | — | — | CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N |
| 3.0 | Primary | cve.org | 8.1 | — | — | CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N |
| 3.0 | Primary | NVD | 8.1 | 2.8 | 5.2 | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
| 3.0 | Secondary | NVD | 8.1 | 1.7 | 5.8 | CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N |
| 3.1 | Secondary | GHSA | 8.1 | — | — | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |