All Vulnerability Reports

CVE-2019-5021: Tile generator affected by insecure default password


Severity

High

Vendor

Pivotal Cloud Foundry

Description

Pivotal Tile Generator, versions prior to v13.0.3, contains a docker image with an insecure default password. A local unauthenticated malicious user could use the insecure default password to gain access to the Tile Generator while it is being run.

Affected VMware Products and Versions

Severity is high unless otherwise noted.

  • Pivotal Tile Generator versions prior to v13.0.3

Mitigation

Users of affected versions should apply the following mitigation:

  • Releases that have fixed this issue include:
    • Pivotal Tile Generator v13.0.3

References

History

2019-05-30: Initial vulnerability report published