Lucene search
PRIOn knowledge basePRION:CVE-2015-5170HistoryOct 24, 2017 - 5:29 p.m.
Cross site request forgery (csrf)
2017-10-2417:29:00
PRIOn knowledge base
www.prio-n.com
1
Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow remote attackers to conduct cross-site request forgery (CSRF) attacks on PWS and log a user into an arbitrary account by leveraging lack of CSRF checks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cf-release | lt | 216 | |
| cloud_foundry_elastic_runtime | lt | 1.7.0 | |
| cloud_foundry_uaa | lt | 2.5.2 |
Related
cvelist
cvelist
CVE-2015-5170
2017-10-24 17:00:00
cve
cve
CVE-2015-5170
2017-10-24 17:29:00
osv
osv
Cloud Foundry Runtime Cross-Site Request Forgery vulnerability
2022-05-13 01:07:00
Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password
2022-05-13 01:07:00
Cloud Foundry Runtime Insufficient Session Expiration vulnerability
2022-05-13 01:07:00
nvd
nvd
CVE-2015-5170
2017-10-24 17:29:00
github
github
Cloud Foundry Runtime Cross-Site Request Forgery vulnerability
2022-05-13 01:07:00
cloudfoundry
cloudfoundry
CVE-2015-5170-5173 UAA Vulnerabilities | Cloud Foundry
2016-05-02 00:00:00