Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2015-5173 Vulnerability in maven package org.cloudfoundry.identity:cloudfoundry-identity-login

Description

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact via vectors involving emails with password recovery links, aka "Cross Domain Referer Leakage."

Remediation

References

https://pivotal.io/security/cve-2015-5170-5173

Related Vulnerabilities

CVE-2023-33005 Vulnerability in maven package org.jenkins-ci.plugins:wso2id-oauth

CVE-2023-29003 Vulnerability in npm package @sveltejs/kit

CVE-2022-34790 Vulnerability in maven package org.jenkins-ci.plugins:xfpanel

CVE-2022-42466 Vulnerability in maven package org.apache.isis.commons:isis-commons

CVE-2023-49093 Vulnerability in maven package org.htmlunit:htmlunit

Severity

Critical

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Vendor Advisory