CVE-2017-9280 (GCVE-0-2017-9280)

Vulnerability from cvelistv5 – Published: 2018-03-02 20:00 – Updated: 2024-09-16 17:42
VLAI?
Summary
Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar.
Severity ?
4.3 (Medium)
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CWE
  • information exposure due to unencrypted credentials in GET Urls
  • CWE-598
Assigner
References
Impacted products
Vendor Product Version
NetIQ Identity Manager Applications Affected: unspecified , < 4.5.6.1 (custom)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:02:44.156Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://download.novell.com/Download?buildid=K7lbPAGJyIk~"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1049143"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Identity Manager Applications",
          "vendor": "NetIQ",
          "versions": [
            {
              "lessThan": "4.5.6.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2017-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "information exposure due to unencrypted credentials in GET Urls",
              "lang": "en",
              "type": "text"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-598",
              "description": "CWE-598",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:16:01",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://download.novell.com/Download?buildid=K7lbPAGJyIk~"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1049143"
        }
      ],
      "source": {
        "defect": [
          "1049143"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Novell Identity Manager User Application get request url contains the session token.",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "DATE_PUBLIC": "2017-09-11T00:00:00.000Z",
          "ID": "CVE-2017-9280",
          "STATE": "PUBLIC",
          "TITLE": "Novell Identity Manager User Application get request url contains the session token."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Identity Manager Applications",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "4.5.6.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "NetIQ"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "information exposure due to unencrypted credentials in GET Urls"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-598"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.novell.com/Download?buildid=K7lbPAGJyIk~",
              "refsource": "CONFIRM",
              "url": "https://download.novell.com/Download?buildid=K7lbPAGJyIk~"
            },
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1049143",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1049143"
            }
          ]
        },
        "source": {
          "defect": [
            "1049143"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2017-9280",
    "datePublished": "2018-03-02T20:00:00Z",
    "dateReserved": "2017-05-29T00:00:00",
    "dateUpdated": "2024-09-16T17:42:50.340Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netiq:identity_manager:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.5.6.1\", \"matchCriteriaId\": \"B66D9825-C8A9-45E2-B932-BA2444FCA62E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar.\"}, {\"lang\": \"es\", \"value\": \"Algunas versiones de NetIQ Identity Manager Applications anteriores a la Identity Manager 4.5.6.1 inclu\\u00edan el token de sesi\\u00f3n en las URL GET. Esto podr\\u00eda permitir se expongan sesiones de usuario a terceros mediante proxies, url de referencia o similares.\"}]",
      "id": "CVE-2017-9280",
      "lastModified": "2024-11-21T03:35:44.927",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"security@opentext.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-03-02T20:29:00.957",
      "references": "[{\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1049143\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://download.novell.com/Download?buildid=K7lbPAGJyIk~\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1049143\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://download.novell.com/Download?buildid=K7lbPAGJyIk~\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@opentext.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@opentext.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-598\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-9280\",\"sourceIdentifier\":\"security@opentext.com\",\"published\":\"2018-03-02T20:29:00.957\",\"lastModified\":\"2024-11-21T03:35:44.927\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar.\"},{\"lang\":\"es\",\"value\":\"Algunas versiones de NetIQ Identity Manager Applications anteriores a la Identity Manager 4.5.6.1 inclu\u00edan el token de sesi\u00f3n en las URL GET. Esto podr\u00eda permitir se expongan sesiones de usuario a terceros mediante proxies, url de referencia o similares.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"security@opentext.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@opentext.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-598\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netiq:identity_manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.5.6.1\",\"matchCriteriaId\":\"B66D9825-C8A9-45E2-B932-BA2444FCA62E\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1049143\",\"source\":\"security@opentext.com\"},{\"url\":\"https://download.novell.com/Download?buildid=K7lbPAGJyIk~\",\"source\":\"security@opentext.com\"},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1049143\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://download.novell.com/Download?buildid=K7lbPAGJyIk~\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.