← voltar
CVE-2018-11045

CVE-2018-11045

EPSS 0.9%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
11 jul 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to 1.12.22, contains a static Linux Random Number Generator (LRNG) seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager could get the contents of the corresponding seed from the published image and therefore infer the initial state of the LRNG.
Produtos afetados
Pivotal · Pivotal Operations Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://pivotal.io/security/cve-2018-11045