Open Redirect Vulnerabilities in OpenText Documentum Administrator
CVE-2017-14524

6.1 MEDIUM

Key Information:

Vendor: OpenText
CVE Published: 28 September 2017

Summary

OpenText Documentum Administrator 7.2.0180.0055 is exposed to multiple open redirect vulnerabilities. These vulnerabilities enable remote attackers to redirect users to arbitrary external websites. This is achieved through manipulation of specific parameters in the URL, namely the startat parameter to xda/help/en/default.htm and the redirectUrl parameter. If exploited, such vulnerabilities can facilitate phishing attacks, compromising user credentials and potentially leading to further security threats.
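
A log check for the two parameters named above, as an added example that is not part of the original advisory: it flags requests where startat or redirectUrl decodes to a URL on a host outside an allow-list. The log lines, host names and the /xda/PLACEHOLDER path are constructed; the page does not name the endpoint that takes redirectUrl.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# The two parameter names from the CVE summary, compared case-insensitively.
REDIRECT_PARAMS = {"startat", "redirecturl"}
# Request line inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample entries. /xda/PLACEHOLDER stands in for the endpoint
# that takes redirectUrl, which the page does not name.
SAMPLE_LOG = [
    '10.0.0.5 - - [02/Oct/2017:09:14:01 +0000] "GET /xda/help/en/default.htm?startat=topics/intro.htm HTTP/1.1" 200 5120',
    '10.0.0.9 - - [02/Oct/2017:09:15:44 +0000] "GET /xda/help/en/default.htm?startat=https%3A%2F%2Flogin.example.net%2Fda HTTP/1.1" 200 5120',
    '10.0.0.9 - - [02/Oct/2017:09:16:02 +0000] "GET /xda/PLACEHOLDER?redirectUrl=%2F%2Fexample.org%2Fa HTTP/1.1" 302 0',
    '10.0.0.7 - - [02/Oct/2017:09:17:30 +0000] "GET /xda/PLACEHOLDER?redirectUrl=https://dctm.corp.example/xda/ HTTP/1.1" 302 0',
]


def external_host(value, allowed_hosts=frozenset()):
    """Return the off-site host a redirect value points to, or None."""
    # Browsers treat backslashes like slashes, so normalise them first.
    # Relative values such as "topics/intro.htm" have no host and pass.
    candidate = value.strip().replace("\\", "/")
    try:
        host = (urlsplit(candidate).hostname or "").lower()
    except ValueError:  # value that urlsplit cannot parse as a URL
        return None
    return host if host and host not in allowed_hosts else None


def flag_requests(log_lines, allowed_hosts=frozenset()):
    """Return (line number, path, parameter, host) for off-site redirect values."""
    findings = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        target = urlsplit(match.group(1))
        for name, value in parse_qsl(target.query, keep_blank_values=True):
            if name.lower() in REDIRECT_PARAMS:
                host = external_host(value, allowed_hosts)
                if host:
                    findings.append((number, target.path, name, host))
    return findings


if __name__ == "__main__":
    for finding in flag_requests(SAMPLE_LOG, {"dctm.corp.example"}):
        print(finding)
```

The same host test can serve as a server-side allow-list check in front of the application until the vendor fix is applied.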

EPSS Score

7% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 6.1
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
