製品

A portfolio of products and services for modernizing applications and infrastructure

Build better apps

Application Service
A modern app platform
Build Service
Container creation and management
Application Catalog
Production-ready open-source containers
Data Services
Cloud native data and messaging (including GemFire, RabbitMQ, and SQL)

Simplify cloud ops

Kubernetes Grid
Enterprise-ready runtime
Mission Control
Centralized cluster management
Observability
Modern app monitoring and analytics
Service Mesh
App-wide networking and control

Spring

Cloud native Java development

Spring Runtime

OpenJDK, Spring, Apache Tomcat support

CI/CD

Concourse
Delivery pipeline automation

Analytics

Greenplum
Data warehouse for converged analytics

サービス
Pivotal Labs
Build Apps
Deliver new apps users love
Modernize Apps
Re-architect valuable legacy apps
プラットフォーム
Apply the new rules of ops
Education
Build your cloud native skills

All Vulnerability Reports

Kubernetes API Server acts as proxy for internal and external IPs

Severity

Unspecified

Description

Kubernetes API, versions 1.11.x prior to 1.11.6, 1.12.x prior to 1.12.4, contains an improper proxy. A remote authenticated user is able to send HTTP requests through the Kubernetes API server within the server's network.

Affected Pivotal Products and Versions

Severity is unspecified unless otherwise noted.

Pivotal Container Service (PKS)
- versions 1.2.x prior to 1.2.5

Mitigation

Users of affected versions should apply the following mitigation:

Pivotal recommends upgrading the following releases:
- Pivotal Container Service (PKS)
  - Upgrade 1.2.x versions to 1.2.5 or greater

References

History

2019-01-08: Initial vulnerability report published.