Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow remote attackers to conduct cross-site request forgery (CSRF) attacks on PWS and log a user into an arbitrary account by leveraging lack of CSRF checks.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2022-4605 | Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow remote attackers to conduct cross-site request forgery (CSRF) attacks on PWS and log a user into an arbitrary account by leveraging lack of CSRF checks. |
![]() |
GHSA-mpv3-g527-fqrj | Cloud Foundry Runtime Cross-Site Request Forgery vulnerability |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T06:41:07.967Z
Reserved: 2015-07-01T00:00:00
Link: CVE-2015-5170

No data.

Status : Deferred
Published: 2017-10-24T17:29:00.183
Modified: 2025-04-20T01:37:25.860
Link: CVE-2015-5170

No data.

No data.