CVE-2015-5170 in Cloudfoundry and Pivotal Software Products
Published on October 24, 2017

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow remote attackers to conduct cross-site request forgery (CSRF) attacks on PWS and log a user into an arbitrary account by leveraging lack of CSRF checks.

NVD

Products Associated with CVE-2015-5170

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2015-5170 are published in these products:

Cloudfoundry Cf Release

Pivotal Software Cloud Foundry Elastic Runtime

Pivotal Software Cloud Foundry Uaa

Exploit Probability

EPSS

0.31%

Percentile

53.43%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2015-5170 in Cloudfoundry and Pivotal Software ProductsPublished on October 24, 2017

Products Associated with CVE-2015-5170

Exploit Probability

CVE-2015-5170 in Cloudfoundry and Pivotal Software Products
Published on October 24, 2017