Описание
Cloud Foundry Runtime Insufficient Session Expiration vulnerability
The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire existing sessions.
Пакеты
org.cloudfoundry.identity:cloudfoundry-identity-server
< 2.5.2
2.5.2
Связанные уязвимости
The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact by leveraging failure to expire existing sessions.
Уязвимость программного обеспечения Cloud Foundry Runtime cf-release, UAA Standalone и Pivotal Cloud Foundry Elastic Runtime программной платформы Cloud Foundry, позволяющая нарушителю воспользоваться старой сессией после сброса пароля