Overview
- Description
- URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro and Embedded (Servlet Implementation modules) allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.46, from 6.0.0 before 6.8.0, from 6.2023.1 before 6.2023.11.
- Source
- 769c9ae7-73c3-4e47-ae19-903170fc3eb8
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:payara:payara:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADFB7392-9992-4248-BDAB-2320A4C59274",
"versionEndExcluding": "4.1.2.191.46",
"versionStartIncluding": "4.1.2.191"
},
{
"criteria": "cpe:2.3:a:payara:payara:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4D9499F-D000-47D3-93ED-853F62375552",
"versionEndExcluding": "5.57.0",
"versionStartIncluding": "5.0.0"
},
{
"criteria": "cpe:2.3:a:payara:payara:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DAE4FFA-8969-4B46-8D23-D3B513FFE294",
"versionEndExcluding": "6.8.0",
"versionStartIncluding": "6.0.0"
},
{
"criteria": "cpe:2.3:a:payara:payara:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58FBC93E-5A50-436A-98D9-11F4D12AEB4B",
"versionEndExcluding": "6.2023.11",
"versionStartIncluding": "6.2023.1"
}
],
"operator": "OR"
}
]
}
]