Products
1E Platform
Source
security@1e.com
Tags
CVE-2024-7211 details
Published : Aug. 1, 2024, 5:16 p.m.
Last Modified : Aug. 1, 2024, 5:16 p.m.
Last Modified : Aug. 1, 2024, 5:16 p.m.
Description
The Identity Server used by 1E Platform could enable URL redirection to untrusted sites. Note: The Identity Server on 1E Platform has been updated with the necessary patch.
CVSS Score
1 | 2 | 3 | 4.7 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
Base Score
4.7
Exploitability Score
2.8
Impact Score
1.4
Base Severity
MEDIUM
Vector String : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
References
URL | Source |
---|---|
https://www.1e.com/trust-security-compliance/cve-info/ | security@1e.com |
This website uses the NVD API, but is not approved or certified by it.