CVE-2015-3190
N/A
N/A
Summary
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an open redirect which allows an attacker to insert malicious web page as a redirect parameter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Pivotal | Cloud Foundry | Runtime cf-release versions v209 or earlier | affected |
| Pivotal | Cloud Foundry | UAA Standalone versions 2.2.6 or earlier | affected |
| Pivotal | Cloud Foundry | Runtime 1.4.5 or earlier | affected |
Weaknesses
- Open redirect
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.