Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-7294

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2014-7294
Last Modified 05 Jan 2015 04:06:20
Published 02 Jan 2015 03:59:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-7294

Summary

Open redirect vulnerability in the logon page in NYU OpenSSO Integration 2.1 and earlier for Ex Libris Patron Directory Services (PDS) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.

Vulnerable Systems

Application

  • Nyu Opensso Integration 2.1


References

MISC - http://tetraph.com/security/cves/cve-2014-7294-ex-libris-patron-directory-services-pds-open-redirect-security-vulnerability/

FULLDISC - 20141229 CVE-2014-7294 Ex Libris Patron Directory Services (PDS) Open Redirect Security Vulnerability

MISC - http://packetstormsecurity.com/files/129756/Ex-Libris-Patron-Directory-Services-2.1-Open-Redirect.html


Last Updated: 27 May 2016 11:07:25