CVE-2015-5054

Published Sep 11, 2017

Last updated 6 years ago

CVSS medium 6.1

Overview

Description: Open redirect vulnerability in Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.1
Impact score: 2.7
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 4.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-601

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.5.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5FE786C-DB21-49D0-BC41-C9581109EB28"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66E260EE-09DF-4AC7-BBA6-AC2D4C1DB5DF"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D5ED9D0-B74E-4B37-9C39-E1BF3D4F8CEC"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADCBA3CD-D466-44F5-8C55-6E502D7A0556"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D68A309-B710-4871-B1B6-7997BD271D3C"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "237CDFDF-272E-47A8-B721-D4CD2E9BB830"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D211CD4-3144-4B35-995A-C2570DBD6103"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AE8C92C-A8C8-44DD-B4A0-06F93420F81A"
          },
          {
            "criteria": "cpe:2.3:a:ellucian:banner_student:8.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51982C4B-E669-4C5D-BAD1-9C3772D90AC0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References