URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server (REST Management Interface modules) allows Session Hijacking.This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9, from 5.2020.2 before 5.2022.5, from 5.20.0 before 5.67.0, from 4.1.2.191.0 before 4.1.2.191.50.
References
Configurations
Configuration 1 (hide)
|
History
13 Sep 2024, 16:27
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
First Time |
Payara
Payara payara |
|
CPE | cpe:2.3:a:payara:payara:*:*:*:*:community:*:*:* cpe:2.3:a:payara:payara:*:*:*:*:enterprise:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
References | () https://docs.payara.fish/enterprise/docs/5.67.0/Release%20Notes/Release%20Notes%205.67.0.html - Release Notes | |
References | () https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.18.0.html - Release Notes |
11 Sep 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
11 Sep 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-11 16:15
Updated : 2024-09-13 16:27
NVD link : CVE-2024-7312
Mitre link : CVE-2024-7312
CVE.ORG link : CVE-2024-7312
JSON object : View
Products Affected
payara
- payara
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')