
CVE-2015-5170: Cloud Foundry Runtime Cross-Site Request Forgery vulnerability

CVSS Score (v3.1): 8.8

Basic Information

EPSS Score
0.53367%
Published
5/13/2022
Updated
2/28/2024
KEV Status
No
Technology
Java

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Package Name: org.cloudfoundry.identity:cloudfoundry-identity-server
Ecosystem: maven
Vulnerable Versions: < 2.5.2
First Patched Version: 2.5.2

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stemmed from missing CSRF protection on the login endpoints. The patch shows that the critical change was enabling CSRF protection with a cookie-based token repository (loginCookieCsrfRepository) and removing disabled="true" from the XML configuration. The pre-patch setting <csrf disabled="true"/> in login-ui.xml directly caused the vulnerability by switching off Spring Security's CSRF checks for login requests, so a cross-site form post could complete a login on the victim's behalf.
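The following Spring Security XML fragment is an added illustration of the configuration change the root cause analysis describes; it is not UAA's actual login-ui.xml and is not code from the patch. The two <sec:http> blocks are alternatives shown side by side (a real file would contain only one), and the bean class is an assumption: the page names the bean id loginCookieCsrfRepository but not its implementation, so the stock Spring Security cookie-based repository is used here.

```xml
<!-- Illustrative configuration, not UAA's login-ui.xml (added example) -->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:sec="http://www.springframework.org/schema/security"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
                           http://www.springframework.org/schema/beans/spring-beans.xsd
                           http://www.springframework.org/schema/security
                           http://www.springframework.org/schema/security/spring-security.xsd">

  <!-- BEFORE (vulnerable pattern): the CSRF filter is switched off for the
       login flow, so a POST from any origin is accepted as a login attempt. -->
  <sec:http pattern="/login**">
    <sec:intercept-url pattern="/**" access="permitAll"/>
    <sec:csrf disabled="true"/>
  </sec:http>

  <!-- AFTER (fixed pattern): CSRF protection is enabled and the token is kept
       in a cookie-backed repository, so the login form must echo back a token
       that a cross-site attacker cannot read. -->
  <sec:http pattern="/login**">
    <sec:intercept-url pattern="/**" access="permitAll"/>
    <sec:csrf token-repository-ref="loginCookieCsrfRepository"/>
  </sec:http>

  <!-- Assumed bean definition (the page gives only the bean id):
       CookieCsrfTokenRepository is Spring Security's built-in cookie-based
       repository (available from 4.1). HttpOnly keeps the cookie out of
       reach of page scripts; the token still has to be submitted as a
       form field or header. -->
  <bean id="loginCookieCsrfRepository"
        class="org.springframework.security.web.csrf.CookieCsrfTokenRepository">
    <property name="cookieHttpOnly" value="true"/>
  </bean>
</beans>
```

To verify the fix on a running instance, submit a login POST without the CSRF token (or with a stale one) and confirm the server rejects it with HTTP 403 instead of creating a session; with the pre-patch configuration the same request succeeds.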

Vulnerable functions


WAF Protection Rules

WAF Rule

Cloud Foundry Runtime cf-release before [version redacted], UAA before [version redacted], and Pivotal Cloud Foundry (PCF) Elastic Runtime before [version redacted] allow remote attackers to conduct cross-site request forgery (CSRF) attacks on PWS and log a user into an arbitrary account by
