Weak Authentication in Pivotal Cloud Foundry Ops Manager
CVE-2016-0883
9.8CRITICAL
What is CVE-2016-0883?
The Pivotal Cloud Foundry Ops Manager has a vulnerability where the same cookie-encryption key is used across different customer installations. This design flaw enables remote attackers to exploit their knowledge of this shared key from one installation to bypass session authentication in another, compromising the integrity and confidentiality of user sessions.
