Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links.
References
Link | Resource |
---|---|
https://pivotal.io/security/cve-2015-5170-5173 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-10-24 17:29
Updated : 2024-02-28 16:04
NVD link : CVE-2015-5172
Mitre link : CVE-2015-5172
CVE.ORG link : CVE-2015-5172
JSON object : View
Products Affected
pivotal_software
- cloud_foundry_elastic_runtime
- cloud_foundry_uaa
cloudfoundry
- cf-release
CWE
CWE-640
Weak Password Recovery Mechanism for Forgotten Password