Open Redirect Vulnerabilities in OpenText Documentum Administrator
CVE-2017-14524
6.1 MEDIUM
Key Information:
- Vendor: OpenText
- CVE Published: 28 September 2017
Summary
OpenText Documentum Administrator 7.2.0180.0055 contains multiple open redirect vulnerabilities. They enable remote attackers to redirect users to arbitrary external websites by manipulating specific URL parameters, namely the startat parameter to xda/help/en/default.htm and the redirectUrl parameter. If exploited, such vulnerabilities can facilitate phishing attacks, compromising user credentials and potentially leading to further security threats.
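A defender-side check for the two parameters named above, as an added example that is not part of the original advisory or of OpenText's code: it scans web access log lines for startat (on the help page) and redirectUrl values that resolve to a host outside the application. The trusted host name, the /da/ context path, the placeholder endpoint and the sample log lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: the host(s) the application is legitimately served from.
TRUSTED_HOSTS = {"dctm.example.internal"}
HELP_PATH = "xda/help/en/default.htm"  # help page path named in the advisory
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines (combined log format); paths other than HELP_PATH are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Oct/2017:10:01:12 +0000] "GET /da/xda/help/en/default.htm?startat=topics/intro.htm HTTP/1.1" 200 5120',
    '198.51.100.7 - - [02/Oct/2017:10:03:40 +0000] "GET /da/xda/help/en/default.htm?startat=%2F%2Flogin.example.net%2Fsso HTTP/1.1" 200 5120',
    '198.51.100.7 - - [02/Oct/2017:10:04:02 +0000] "GET /da/placeholder?redirectUrl=https%3A%2F%2Flogin.example.net%2Fsso HTTP/1.1" 302 0',
    '192.0.2.10 - - [02/Oct/2017:10:05:30 +0000] "GET /da/placeholder?redirectUrl=https%3A%2F%2Fdctm.example.internal%2Fda%2F HTTP/1.1" 302 0',
]

def external_host(value, trusted=TRUSTED_HOSTS):
    """Return the off-site host a redirect value points to, or None if it stays local."""
    # Browsers treat backslashes as slashes and ignore whitespace/control characters,
    # so normalise both before parsing ("/\host" behaves like "//host").
    v = re.sub(r"[\x00-\x20]", "", value.replace("\\", "/"))
    try:
        host = urlsplit(v).hostname
    except ValueError:
        return "<unparseable>"  # malformed authority: report it rather than ignore it
    if host is None or host.lower() in trusted:
        return None  # relative path or the application's own host
    return host.lower()

def flag_open_redirects(lines, trusted=TRUSTED_HOSTS):
    """Return (line_number, parameter, external_host) for each suspicious request."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            watched = name == "redirectUrl" or (
                name == "startat" and url.path.endswith(HELP_PATH))
            host = external_host(value, trusted) if watched else None
            if host:
                findings.append((n, name, host))
    return findings

if __name__ == "__main__":
    for finding in flag_open_redirects(SAMPLE_LOG):
        print(finding)
```

The same host comparison applies server-side as an allow-list before issuing a redirect.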
EPSS Score
7% chance of being exploited in the next 30 days.
CVSS V3.1
- Score: 6.1
- Severity: MEDIUM
- Confidentiality: Low
- Integrity: Low
- Availability: Low
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Changed
Timeline
Vulnerability published
Vulnerability Reserved