3 matches found
CVE-2015-5170
Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry PCF Elastic Runtime before 1.7.0 allow remote attackers to conduct cross-site request forgery CSRF attacks on PWS and log a user into an arbitrary account by leveraging lack of CSRF checks...
CVE-2015-5170
CVE-2015-5170 affects Cloud Foundry components (cf-release before 216, UAA before 2.5.2, PCF Elastic Runtime before 1.7.0) and enables remote CSRF attacks on PWS by exploiting missing CSRF checks, potentially allowing an attacker to log a user into an arbitrary account. The connected records corr...
CVE-2015-5170-5173 UAA Vulnerabilities | Cloud Foundry
CVE-2015-5170-5173 UAA Vulnerabilities Low Vendor Cloud Foundry Foundation Versions Affected cf-release versions v215 & prior UAA versions 2.5.1 & prior Description CSRF Attack on PWS. It is possible to log the user into another account instead of the account they intended to log into because of...