CVE-2019-5021: Tile generator affected by insecure default password
Severity
High
Vendor
Pivotal Cloud Foundry
Description
Pivotal Tile Generator, versions prior to v13.0.3, contains a docker image with an insecure default password. A local unauthenticated malicious user could use the insecure default password to gain access to the Tile Generator while it is being run.
Affected VMware Products and Versions
Severity is high unless otherwise noted.
- Pivotal Tile Generator versions prior to v13.0.3
Mitigation
Users of affected versions should apply the following mitigation:
- Releases that have fixed this issue include:
- Pivotal Tile Generator v13.0.3
References
History
2019-05-30: Initial vulnerability report published