AI Score
Confidence
High
EPSS
Percentile
64.8%
Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire password reset links.
github.com/cloudfoundry/uaa
github.com/cloudfoundry/uaa/commit/cd31cc397fe17389d95b83d6a9caa46eebc54faf
nvd.nist.gov/vuln/detail/CVE-2015-5172
pivotal.io/security/cve-2015-5170-5173