Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space developer with access to the system org may be able to access an artifact which contains the CF admin credential, allowing them to escalate to an admin role.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Pivotal_application_service | Pivotal_software | 2.0.0 (including) | 2.0.21 (excluding) |
Pivotal_application_service | Pivotal_software | 2.1.0 (including) | 2.1.13 (excluding) |
Pivotal_application_service | Pivotal_software | 2.2.0 (including) | 2.2.5 (excluding) |