First published: Wed Jun 20 2018(Updated: )
Pivotal Operations Manager, versions 2.1.x prior to 2.1.6 and version 2.0.14, includes NGINX packages that lacks security vulnerability patches. An attacker with access to the NGINX processes and knowledge of how to exploit the unpatched vulnerabilities may be able to impact Operations Manager
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Pivotal Software Operations Manager | >=2.1.0<2.1.6 | |
Pivotal Software Operations Manager | =2.0.14 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-11046 is a vulnerability in Pivotal Operations Manager versions 2.1.x prior to 2.1.6 and version 2.0.14 that includes unpatched NGINX packages.
CVE-2018-11046 allows an attacker with access to the NGINX processes and knowledge of how to exploit the unpatched vulnerabilities to impact Operations Manager.
CVE-2018-11046 has a severity value of 6.5, which is considered medium.
Pivotal Operations Manager versions 2.1.x prior to 2.1.6 and version 2.0.14 are affected by CVE-2018-11046.
To fix CVE-2018-11046, update Pivotal Operations Manager to version 2.1.6 or apply the necessary security patches.