CVE-2018-11041: UAA open redirect
Affected VMware Products and Versions
Severity is high unless otherwise noted.
- Pivotal Operations Manager
- 2.1.x versions prior to 2.1.7
- 2.0.x versions prior to 2.0.16
- Pivotal Application Service
- 2.1.x versions prior to 2.1.8
- 2.0.x versions prior to 2.0.17
Users of affected versions should apply the following mitigation:
- The Cloud Foundry team recommends upgrading BOSH stemcells and/or other OSS components listed here if applicable.
- Releases that have fixed this issue include:
- Pivotal Operations Manager: 2.2.0, 2.1.7, 2.0.16
- Pivotal Application Service 2.2.0, 2.1.8, 2.0.17