Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links.
References
Link | Resource |
---|---|
https://pivotal.io/security/cve-2015-5170-5173 | Vendor Advisory |
https://pivotal.io/security/cve-2015-5170-5173 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:32
Type | Values Removed | Values Added |
---|---|---|
References | () https://pivotal.io/security/cve-2015-5170-5173 - Vendor Advisory |
Information
Published : 2017-10-24 17:29
Updated : 2024-11-21 02:32
NVD link : CVE-2015-5172
Mitre link : CVE-2015-5172
CVE.ORG link : CVE-2015-5172
JSON object : View
Products Affected
cloudfoundry
- cf-release
pivotal_software
- cloud_foundry_elastic_runtime
- cloud_foundry_uaa
CWE
CWE-640
Weak Password Recovery Mechanism for Forgotten Password