Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
EUVD-2022-3609 | Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links. |
![]() |
GHSA-cq6m-74r4-x77g | Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
Link | Providers |
---|---|
https://pivotal.io/security/cve-2015-5170-5173 |
![]() ![]() |
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T06:41:09.222Z
Reserved: 2015-07-01T00:00:00
Link: CVE-2015-5172

No data.

Status : Deferred
Published: 2017-10-24T17:29:00.260
Modified: 2025-04-20T01:37:25.860
Link: CVE-2015-5172

No data.

No data.