CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

BaseDraftLikelihood: Low

Description

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

Hierarchy (View 1000)

Parents

CWE-610

Children

none

Related attack patterns (CAPEC)

CAPEC-178

CVEs mapped to this weakness (427)

page 8 of 22

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2017-12344	Med	0.40	6.1	0.00	Nov 30, 2017	Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247.
CVE-2017-1000163	Med	0.40	6.1	0.02	Nov 17, 2017	The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks.
CVE-2017-16761	Med	0.40	6.1	0.00	Nov 10, 2017	An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites.
CVE-2017-14358	Med	0.40	6.1	0.00	Oct 31, 2017	A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow URL redirection to untrusted site.
CVE-2015-6961	Med	0.40	6.1	0.00	Oct 18, 2017	Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout.
CVE-2015-7943	Med	0.40	6.1	0.01	Oct 18, 2017	Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3233.
CVE-2017-8047	Med	0.40	6.1	0.00	Oct 4, 2017	In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applications, it is possible to append a combination of characters to the URL that will allow for an open redirect. An attacker could exploit this as a phishing attack to gain access to user credentials or other sensitive data. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275.
CVE-2017-14525	Med	0.40	6.1	0.00	Sep 28, 2017	Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by a domain in the redirectUrl parameter to xda/component/virtuallinkconnect.
CVE-2017-14524	Med	0.40	6.1	0.01	Sep 28, 2017	Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by a domain in the redirectUrl parameter to xda/component/virtuallinkconnect.
CVE-2015-5608	Med	0.40	6.1	0.00	Sep 20, 2017	Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1.
CVE-2015-2750	Med	0.40	6.1	0.01	Sep 13, 2017	Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence.
CVE-2015-2749	Med	0.40	6.1	0.01	Sep 13, 2017	Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
CVE-2015-5054	Med	0.40	6.1	0.00	Sep 11, 2017	Open redirect vulnerability in Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter.
CVE-2017-1450	Med	0.40	6.1	0.00	Aug 31, 2017	IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 128177.
CVE-2017-14038	Med	0.40	6.1	0.00	Aug 30, 2017	CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability.
CVE-2017-1195	Med	0.40	6.1	0.00	Aug 29, 2017	IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 123670.
CVE-2017-1489	Med	0.40	6.1	0.00	Aug 29, 2017	IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
CVE-2017-11718	Med	0.40	6.1	0.00	Jul 28, 2017	There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php.
CVE-2017-11586	Med	0.40	6.1	0.07	Jul 24, 2017	dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action, related to controllers/Weixin.php.
CVE-2017-1223	Med	0.40	6.1	0.00	Jul 19, 2017	IBM Tivoli Endpoint Manager could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 123902.

CVE-2017-12344MedNov 30, 2017
risk 0.40cvss 6.1epss 0.00
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM configuration parameters, redirect a user to a malicious website, inject malicious content into a DCNM client interface, or conduct a cross-site scripting (XSS) attack against a user of the affected software. Cisco Bug IDs: CSCvf40477, CSCvf63150, CSCvf68218, CSCvf68235, CSCvf68247.
CVE-2017-1000163MedNov 17, 2017
risk 0.40cvss 6.1epss 0.02
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks.
CVE-2017-16761MedNov 10, 2017
risk 0.40cvss 6.1epss 0.00
An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites.
CVE-2017-14358MedOct 31, 2017
risk 0.40cvss 6.1epss 0.00
A URL redirection to untrusted site vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow URL redirection to untrusted site.
CVE-2015-6961MedOct 18, 2017
risk 0.40cvss 6.1epss 0.00
Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout.
CVE-2015-7943MedOct 18, 2017
risk 0.40cvss 6.1epss 0.01
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.41, the jQuery Update module 7.x-2.x before 7.x-2.7 for Drupal, and the LABjs module 7.x-1.x before 7.x-1.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3233.
CVE-2017-8047MedOct 4, 2017
risk 0.40cvss 6.1epss 0.00
In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applications, it is possible to append a combination of characters to the URL that will allow for an open redirect. An attacker could exploit this as a phishing attack to gain access to user credentials or other sensitive data. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275.
CVE-2017-14525MedSep 28, 2017
risk 0.40cvss 6.1epss 0.00
Multiple open redirect vulnerabilities in OpenText Documentum Webtop 6.8.0160.0073 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by a domain in the redirectUrl parameter to xda/component/virtuallinkconnect.
CVE-2017-14524MedSep 28, 2017
risk 0.40cvss 6.1epss 0.01
Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a (1) URL in the startat parameter to xda/help/en/default.htm or (2) /%09/ (slash encoded horizontal tab slash) followed by a domain in the redirectUrl parameter to xda/component/virtuallinkconnect.
CVE-2015-5608MedSep 20, 2017
risk 0.40cvss 6.1epss 0.00
Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1.
CVE-2015-2750MedSep 13, 2017
risk 0.40cvss 6.1epss 0.01
Open redirect vulnerability in URL-related API functions in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the "//" initial sequence.
CVE-2015-2749MedSep 13, 2017
risk 0.40cvss 6.1epss 0.01
Open redirect vulnerability in Drupal 6.x before 6.35 and 7.x before 7.35 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter.
CVE-2015-5054MedSep 11, 2017
risk 0.40cvss 6.1epss 0.00
Open redirect vulnerability in Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter.
CVE-2017-1450MedAug 31, 2017
risk 0.40cvss 6.1epss 0.00
IBM Emptoris Sourcing 9.5 - 10.1.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 128177.
CVE-2017-14038MedAug 30, 2017
risk 0.40cvss 6.1epss 0.00
CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect vulnerability.
CVE-2017-1195MedAug 29, 2017
risk 0.40cvss 6.1epss 0.00
IBM Curam Social Program Management 6.0, 6.1, 6.2, and 7.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 123670.
CVE-2017-1489MedAug 29, 2017
risk 0.40cvss 6.1epss 0.00
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
CVE-2017-11718MedJul 28, 2017
risk 0.40cvss 6.1epss 0.00
There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php.
CVE-2017-11586MedJul 24, 2017
risk 0.40cvss 6.1epss 0.07
dayrui FineCms 5.0.9 has URL Redirector Abuse via the url parameter in a sync action, related to controllers/Weixin.php.
CVE-2017-1223MedJul 19, 2017
risk 0.40cvss 6.1epss 0.00
IBM Tivoli Endpoint Manager could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 123902.