Description
The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire existing sessions.
Remediation
References
https://pivotal.io/security/cve-2015-5170-5173
Related Vulnerabilities
CVE-2018-1999037 Vulnerability in maven package org.jenkins-ci.plugins:resource-disposer
CVE-2023-34238 Vulnerability in npm package gatsby-transformer-remark
CVE-2018-3774 Vulnerability in npm package url-parse
CVE-2018-1000149 Vulnerability in maven package org.jenkins-ci.plugins:ansible
CVE-2020-10721 Vulnerability in maven package io.fabric8:fabric8-maven-plugin-core