Published: 19/05/2017 Updated: 31/05/2017

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

After logging into the portal, the logout jsp page redirects the browser back to the login page after. It is feasible for malicious users to redirect the browser to an unintended web page in Apache jUDDI 3.1.2, 3.1.3, 3.1.4, and 3.1.5 when utilizing the portlets based user interface also known as 'Pluto', 'jUDDI Portal', 'UDDI Portal' or 'uddi-console'. User session data, credentials, and auth tokens are cleared before the redirect.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache juddi 3.1.2
apache juddi 3.1.4
apache juddi 3.1.3
apache juddi 3.1.5

After logging into the portal, the logout jsp page redirects the browser back to the login page after It is feasible for malicious users to redirect the browser to an unintended web page in Apache jUDDI 312, 313, 314, and 315 when utilizing the portlets based user interface also known as 'Pluto', 'jUDDI Portal', 'UDDI Portal' or 'uddi-cons ...

CWE-601 http://juddi.apache.org/security.html https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2015-5241

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-5241

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect