The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire existing sessions.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2022-4065 | The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire existing sessions. |
![]() |
GHSA-h533-q6jc-qx28 | Cloud Foundry Runtime Insufficient Session Expiration vulnerability |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
Link | Providers |
---|---|
https://pivotal.io/security/cve-2015-5170-5173 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T06:41:07.973Z
Reserved: 2015-07-01T00:00:00
Link: CVE-2015-5171

No data.

Status : Deferred
Published: 2017-10-24T17:29:00.230
Modified: 2025-04-20T01:37:25.860
Link: CVE-2015-5171

No data.

No data.