exploitDog

GHSA-pvw6-76ww-4x7m

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact via vectors involving emails with password recovery links, aka "Cross Domain Referer Leakage."

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact via vectors involving emails with password recovery links, aka "Cross Domain Referer Leakage."

Ссылки

EPSS

Процентиль: 65%

0.00484

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2015-5173

CVSS3: 8.8

nvd

больше 8 лет назад

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow attackers to have unspecified impact via vectors involving emails with password recovery links, aka "Cross Domain Referer Leakage."

EPSS

Процентиль: 65%

0.00484

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-200