The package authelia-bhf included in Beckhoffs TwinCAT/BSD is prone to an open redirect that allows a remote unprivileged attacker to redirect a user to another site. This may have limited impact to integrity and does solely affect anthelia-bhf the Beckhoff fork of authelia.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2023-067/ | Third Party Advisory |
https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2023-001.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
19 Dec 2023, 18:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.7 |
CPE | cpe:2.3:a:beckhoff:authelia-bhf:*:*:*:*:*:*:*:* cpe:2.3:o:beckhoff:twincat\/bsd:-:*:*:*:*:*:*:* |
|
References | () https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2023-001.pdf - Vendor Advisory | |
References | () https://cert.vde.com/en/advisories/VDE-2023-067/ - Third Party Advisory |
14 Dec 2023, 14:49
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-14 14:15
Updated : 2024-02-15 11:15
NVD link : CVE-2023-6545
Mitre link : CVE-2023-6545
CVE.ORG link : CVE-2023-6545
JSON object : View
Products Affected
beckhoff
- authelia-bhf
- twincat\/bsd
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')