Open redirect in Crowd

#VU31132 Open redirect in Crowd

Published: 2019-03-29 | Updated: 2020-07-17

Vulnerability identifier: #VU31132

Vulnerability risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-18109

CWE-ID: CWE-601

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Crowd
Server applications / Directory software, identity management

Vendor: Atlassian

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The login resource of CrowdId in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Crowd: 3.0.0 - 3.0.1

External links
http://jira.atlassian.com/browse/CWD-5071

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Atlassian Crowd