Open Redirect Vulnerability in Ellucian Banner Student
CVE-2015-5054

6.1MEDIUM

Key Information:

Vendor: Ellucian
Status: Banner Student
Vendor: CVE Published:; 11 September 2017

What is CVE-2015-5054?

The open redirect vulnerability in Ellucian Banner Student (versions 8.5.1.2 through 8.7) allows remote attackers to redirect users to arbitrary websites. By exploiting this flaw, attackers can conduct phishing attacks via an unspecified parameter in the URL. This vulnerability poses a serious risk to users’ sensitive information and the integrity of web applications.

References

http://packetstormsecurity.com/files/134622/Banner-Studen...

x_refsource_MISC

http://www.securityfocus.com/archive/1/537029/100/0/threaded

mailing-listx_refsource_BUGTRAQ

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2017
Vulnerability Reserved
Jun 24, 2015

CVE-2015-5054 Data

JSON