In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all versions prior to v274, in some applications, it is possible to append a combination of characters to the URL that will allow for an open redirect. An attacker could exploit this as a phishing attack to gain access to user credentials or other sensitive data. NOTE: 274 resolves the vulnerability but has a serious bug that is fixed in 275.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cloudfoundry.org/cve-2017-8047/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2017-10-03T07:00:00
Updated: 2024-08-05T16:19:29.849Z
Reserved: 2017-04-21T00:00:00
Link: CVE-2017-8047
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-10-04T01:29:03.620
Modified: 2024-11-21T03:33:12.897
Link: CVE-2017-8047
Redhat
No data.