How severe is CVE-2015-3189?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2015-3189?

This is classified as CWE-640, which is a common weakness in software security.

CVE-2015-3189

LOW Year: 2015

CVSS v3 Score

3.7

Low

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-640

View all →

Vulnerability Description

With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. This vulnerability is applicable only when using the UAA internal user store for authentication. Deployments enabled for integration via SAML or LDAP are not affected.

CVE-2024-9907

MEDIUM

CVSS:3.7(Low)

A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file /qilecms/user/controller/Forget.php of the component Verificat...

CWE-6402024

CVE-2021-39899

MEDIUM

CVSS:4.2(Medium)

In all versions of GitLab CE/EE, an attacker with physical access to a user’s machine may brute force the user’s password via the change password function. There is a rate limit in place, but the atta...

CWE-6402021

CVE-2022-23172

MEDIUM

CVSS:4.3(Medium)

An attacker can access to "Forgot my password" button, as soon as he puts users is valid in the system, the system would issue a message that a password reset email had been sent to user. This way you...

CWE-6402022

CVE-2022-42807

MEDIUM

CVSS:4.3(Medium)

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. A user may accidentally add a participant to a Shared Album by pressing the Delete key

CWE-6402022

CVE-2023-5959

MEDIUM

CVSS:4.3(Medium)

A vulnerability, which was classified as problematic, was found in Byzoro Smart S85F Management Platform V31R02B10-01. Affected is an unknown function of the file /login.php. The manipulation of the a...

CWE-6402023

CVE-2025-2093

LOW

CVSS:3.1(Low)

A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /change-passwo...

CWE-6402025

CVE-2015-3189

Vulnerability Description

Related Vulnerabilities

CVE-2024-9907

CVE-2021-39899

CVE-2022-23172

CVE-2022-42807

CVE-2023-5959

CVE-2025-2093