CVE-2017-18262

{"id": "CVE-2017-18262", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2018-04-30T13:29:00.260", "references": [{"url": "http://seclists.org/fulldisclosure/2018/Apr/57", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1040767", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://ethan.pm/blackboard.txt", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "Blackboard Learn (Since at least 17th of October 2017) has allowed Unvalidated Redirects on any signed-in user through its endpoints for handling Shibboleth logins, as demonstrated by a webapps/bb-auth-provider-shibboleth-BBLEARN/execute/shibbolethLogin?returnUrl= URI."}, {"lang": "es", "value": "Blackboard Learn (desde, al menos, el 17 de octubre de 2017) ha permitido redirecciones no validadas en cualquier usuario que haya iniciado sesi\u00f3n mediante sus endpoints para gestionar inicios de sesi\u00f3n de Shibboleth. Esto se demuestra por un URI webapps/bb-auth-provider-shibboleth-BBLEARN/execute/shibbolethLogin?returnUrl=."}], "lastModified": "2018-06-12T18:15:21.677", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:blackboard:blackboard_learn:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30CF5A1E-02A2-4D02-A215-33B458C9DDB8", "versionEndIncluding": "9.1"}, {"criteria": "cpe:2.3:a:blackboard:blackboard_learn:9.1:q2_2016:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0E0E9DB-BC5C-4F68-BCBD-9E4EA81D7755"}, {"criteria": "cpe:2.3:a:blackboard:blackboard_learn:9.1:q2_2017:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "241DD4F3-BD1C-45AB-9F33-6F795BC87506"}, {"criteria": "cpe:2.3:a:blackboard:blackboard_learn:9.1:q4_2015:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "426531EE-872D-4C4A-B4E0-E9AC45EFD4B7"}, {"criteria": "cpe:2.3:a:blackboard:blackboard_learn:9.1:q4_2016:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C800C52-41EA-4707-94F0-56582DED6CB7"}, {"criteria": "cpe:2.3:a:blackboard:blackboard_learn:9.1:q4_2017:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D069CC7-307A-466A-B9AB-E76767F7E762"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}