The 1E Platform's component utilized the third-party Duende Identity Server, which suffered from an open redirect vulnerability, permitting an attacker to control the redirection path of end users.
Note: 1E Platform's component utilizing the third-party Duende Identity Server has been updated with the patch that includes the fix.
References
Link | Resource |
---|---|
https://www.1e.com/trust-security-compliance/cve-info/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
06 Sep 2024, 13:23
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
CWE | CWE-601 | |
First Time |
1e
1e platform |
|
CPE | cpe:2.3:a:1e:platform:23.11.1.15:*:*:*:*:*:*:* cpe:2.3:a:1e:platform:23.7.1.80:*:*:*:*:*:*:* cpe:2.3:a:1e:platform:8.4.1.229:*:*:*:*:*:*:* cpe:2.3:a:1e:platform:24.7:*:*:*:*:*:*:* |
|
References | () https://www.1e.com/trust-security-compliance/cve-info/ - Vendor Advisory |
02 Aug 2024, 13:16
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) The 1E Platform's component utilized the third-party Duende Identity Server, which suffered from an open redirect vulnerability, permitting an attacker to control the redirection path of end users. Note: 1E Platform's component utilizing the third-party Duende Identity Server has been updated with the patch that includes the fix. |
02 Aug 2024, 12:16
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
Summary | (en) The 1E Platform’s Identity Server was impacted by an open redirect vulnerability, allowing an attacker to dictate the redirection path of an end user. Note: The Identity Server on 1E Platform has been updated with the patch that includes the fix. |
01 Aug 2024, 17:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-01 17:16
Updated : 2024-09-06 13:23
NVD link : CVE-2024-7211
Mitre link : CVE-2024-7211
CVE.ORG link : CVE-2024-7211
JSON object : View
Products Affected
1e
- platform
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')