Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pivotal software cloud foundry elastic runtime vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2015-3190
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an open redirect which allows an malicious user to insert malicious web page as a redi...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
6.8
CVSSv2
CVE-2015-3191
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the change_email form in UAA is vulnerable to a CSRF attack. This allows an malicious user to trigger an e-mail change for a...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
6.8
CVSSv2
CVE-2015-5170
Cloud Foundry Runtime cf-release prior to 216, UAA prior to 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime prior to 1.7.0 allow remote malicious users to conduct cross-site request forgery (CSRF) attacks on PWS and log a user into an arbitrary account by leveraging lack o...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
7.5
CVSSv2
CVE-2015-5171
The password change functionality in Cloud Foundry Runtime cf-release prior to 216, UAA prior to 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime prior to 1.7.0 allow malicious users to have unspecified impact by leveraging failure to expire existing sessions.
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
Pivotal Software Cloud Foundry Uaa
4.3
CVSSv2
CVE-2016-0715
Pivotal Cloud Foundry Elastic Runtime version 1.4.0 up to and including 1.4.5, 1.5.0 up to and including 1.5.11 and 1.6.0 up to and including 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part...
Pivotal Software Cloud Foundry Elastic Runtime
4.3
CVSSv2
CVE-2016-0926
Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal Cloud Foundry (PCF) Elastic Runtime prior to 1.6.32 and 1.7.x prior to 1.7.8 allows remote malicious users to inject arbitrary web script or HTML via unspecified input that improperly interacts with the AngularJS...
Pivotal Software Cloud Foundry Elastic Runtime
4
CVSSv2
CVE-2015-1834
A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions before 1.4.2. Path traversal is the 'outbreak' of a given directory structure ...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
4
CVSSv2
CVE-2016-6658
Applications in cf-release prior to 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack. Although it is not recommended, a user can specify a credential in the URL (basic auth or OAuth) to access the buildpack through the C...
Cloudfoundry Cf-release
Pivotal Software Cloud Foundry Elastic Runtime
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3