2 matches found
CVE-2015-5172
CVE-2015-5172 affects Cloud Foundry Runtime: cf-release prior to 216, UAA prior to 2.5.2, and PCF Elastic Runtime prior to 1.7.0, due to failure to expire password reset links. Connected sources (GHSA/osv entries) corroborate the affected components and the weak password recovery mechanism, descr...
CVE-2015-5170-5173 UAA Vulnerabilities | Cloud Foundry
CVE-2015-5170-5173 UAA Vulnerabilities Low Vendor Cloud Foundry Foundation Versions Affected cf-release versions v215 & prior UAA versions 2.5.1 & prior Description CSRF Attack on PWS. It is possible to log the user into another account instead of the account they intended to log into because of...