CVE-2017-7266 Information

Description

Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted a `next` parameter and redirected to whatever URL it contained, on any domain, without checking it against the Host header.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Reference

http://www.securityfocus.com/bid/97088
https://github.com/Netflix/security_monkey/commit/3b4da13efabb05970c80f464a50d3c1c12262466
https://github.com/Netflix/security_monkey/pull/482
https://github.com/Netflix/security_monkey/releases/tag/v0.8.0

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

Base Score

6.1

Base Severity

MEDIUM
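The defect in the description, a logout handler that trusts `next` outright, beside the same-host check that closes it. This is an added illustration, not code from Security Monkey or from the fix commit; the host name, function names and the `https` base used for resolving relative paths are assumptions.

```python
"""Open-redirect check for a logout ``next`` parameter (added example)."""
from urllib.parse import urljoin, urlparse

# Constructed value standing in for the Host header the application sees.
REQUEST_HOST = "securitymonkey.example.com"


def vulnerable_logout_target(next_url: str) -> str:
    """Pre-0.8.0 behaviour as described: ``next`` is used as the redirect target as-is."""
    return next_url or "/"


def is_safe_redirect_target(next_url: str, request_host: str) -> bool:
    """Accept ``next`` only when it resolves to the host the request was sent to.

    Resolving against the request's own origin turns a relative path such as
    ``/dashboard`` into an absolute URL on that origin.  An absolute ``next``
    keeps its own scheme and netloc, so a foreign host, a scheme-relative
    ``//host/`` form, or a userinfo trick like ``host@evil`` all fail the
    exact netloc comparison.  Any port in the Host header is part of netloc.
    """
    base = f"https://{request_host}/"  # assumed scheme for resolution only
    resolved = urlparse(urljoin(base, next_url))
    return resolved.scheme in ("http", "https") and resolved.netloc == request_host


def hardened_logout_target(next_url: str, request_host: str) -> str:
    """Fixed behaviour: fall back to the site root for an absent or unsafe ``next``."""
    if next_url and is_safe_redirect_target(next_url, request_host):
        return next_url
    return "/"
```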
