Skip to main content

Pivotal Scheduler

1 CVEs product

Monthly

CVE-2020-5426 CRITICAL Act Now

Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pivotal Scheduler
NVD
CVSS 3.1
9.8
EPSS
0.7%
EPSS 1% CVSS 9.8
CRITICAL Act Now

Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pivotal Scheduler
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy