CVE-2019-11288 vulnerability in Pivotal Products
Published on January 27, 2020
tcServer JMX Socket Listener Registry Rebinding Local Privilege Escalation
In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions prior to 7.0.99.B, 8.x versions prior to 8.5.47.A, and 9.x versions prior to 9.0.27.A, when a tc Runtime instance is configured with the JMX Socket Listener, a local attacker without access to the tc Runtime process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the tc Runtime instance.
Weakness Type
Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Products Associated with CVE-2019-11288
stack.watch emails you whenever new vulnerabilities are published in Pivotal Tc Runtimes or Pivotal Tc Server. Just hit a watch button to start following.
Affected Versions
Pivotal tc Server 4.x:- Version All and below 4.0.10 is affected.
- Version All and below 3.2.19 is affected.
- Version 7.x and below 7.0.99.B is affected.
- Version 8.x and below 8.5.47.A is affected.
- Version 9.x and below 9.0.27.A is affected.
- Version 7.x and below 7.0.99.B is affected.
- Version 8.x and below 8.5.47.A is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.