216.73.216.133

CVE-2024-7312

· Published 11/09/2024 16:15 · Modified 13/09/2024 16:27

Labels: CVE-2024-7312 2024-09-11769c9ae7-73c3-4e47-ae19-903170fc3eb8CVE-2024-7312CWE-601

Essential information

Published
11/09/2024 16:15
Modified
13/09/2024 16:27
Author
Creator
CVSS
6.1 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS metrics

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server (REST Management Interface modules) allows Session Hijacking.This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9, from 5.2020.2 before 5.2022.5, from 5.20.0 before 5.67.0, from 4.1.2.191.0 before 4.1.2.191.50.

NVD status

Status
Analyzed — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
769c9ae7-73c3-4e47-ae19-903170fc3eb8
NVD
View on NVD

Affected products (CPE)

ProductCPE
payara / payara cpe:2.3:a:payara:payara:*:*:*:*:community:*:*:*
payara / payara cpe:2.3:a:payara:payara:*:*:*:*:enterprise:*:*:*
payara / payara cpe:2.3:a:payara:payara:*:*:*:*:community:*:*:*
payara / payara cpe:2.3:a:payara:payara:*:*:*:*:enterprise:*:*:*
payara / payara cpe:2.3:a:payara:payara:*:*:*:*:community:*:*:*

References