Vulnerability Details : CVE-2016-7137

Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter to (1) %2b%2bgroupdashboard%2b%2bplone.dashboard1%2bgroup/%2b/portlets.Actions or (2) folder/%2b%2bcontextportlets%2b%2bplone.footerportlets/%2b /portlets.Actions or the (3) came_from parameter to /login_form.

Vulnerability category: Open redirect

Published 2017-03-07 16:59:01

Updated 2018-10-09 20:00:53

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2016-7137

Probability of exploitation activity in the next 30 days: 0.34%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 68 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-7137

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
5.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:N	8.6	4.9	nvd@nist.gov
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None
6.1	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N	2.8	2.7	nvd@nist.gov
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None

CWE ids for CVE-2016-7137

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-7137

http://seclists.org/fulldisclosure/2016/Oct/80

Full Disclosure: Multiple Vulnerabilities in Plone CMS
Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.securityfocus.com/archive/1/539572/100/0/threaded

SecurityFocus

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2016/09/05/4

oss-security - Re: CVE request: Plone multiple vulnerabilities
Mailing List;Patch;Third Party Advisory

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2016/09/05/5

oss-security - Re: CVE request: Plone multiple vulnerabilities
Mailing List;Patch;Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/92752

Plone Multiple Security vulnerabilities

CVEs referencing this url
https://plone.org/security/hotfix/20160830/open-redirection-in-plone

Open Redirection in Plone — Plone.org
Vendor Advisory
http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html

Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection ≈ Packet Storm
Exploit;Third Party Advisory;VDB Entry

CVEs referencing this url

Products affected by CVE-2016-7137

Plone » Plone » Version: 3.3
cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 3.3.2
cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 3.3.4
cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 3.3.5
cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 3.3.1
cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 3.3.3
cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.0
cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.0.1
cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.0.5
cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.0.4
cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.0.3
cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.0.2
cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.1
cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 3.3.6
cpe:2.3:a:plone:plone:3.3.6:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.0.8
cpe:2.3:a:plone:plone:4.0.8:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.0.7
cpe:2.3:a:plone:plone:4.0.7:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.2
cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.0.9
cpe:2.3:a:plone:plone:4.0.9:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.1.2
cpe:2.3:a:plone:plone:4.1.2:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.1.1
cpe:2.3:a:plone:plone:4.1.1:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.1.6
cpe:2.3:a:plone:plone:4.1.6:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.1.5
cpe:2.3:a:plone:plone:4.1.5:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3
cpe:2.3:a:plone:plone:4.3:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.2.1
cpe:2.3:a:plone:plone:4.2.1:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.1.4
cpe:2.3:a:plone:plone:4.1.4:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.1
cpe:2.3:a:plone:plone:4.3.1:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.2.3
cpe:2.3:a:plone:plone:4.2.3:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.2.4
cpe:2.3:a:plone:plone:4.2.4:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.2.5
cpe:2.3:a:plone:plone:4.2.5:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.2.2
cpe:2.3:a:plone:plone:4.2.2:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.1.3
cpe:2.3:a:plone:plone:4.1.3:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.2.6
cpe:2.3:a:plone:plone:4.2.6:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.2.7
cpe:2.3:a:plone:plone:4.2.7:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.2
cpe:2.3:a:plone:plone:4.3.2:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.11
cpe:2.3:a:plone:plone:4.3.11:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.10
cpe:2.3:a:plone:plone:4.3.10:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.9
cpe:2.3:a:plone:plone:4.3.9:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.8
cpe:2.3:a:plone:plone:4.3.8:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.3
cpe:2.3:a:plone:plone:4.3.3:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.0.10
cpe:2.3:a:plone:plone:4.0.10:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.6
cpe:2.3:a:plone:plone:4.3.6:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.4
cpe:2.3:a:plone:plone:4.3.4:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.7
cpe:2.3:a:plone:plone:4.3.7:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 4.3.5
cpe:2.3:a:plone:plone:4.3.5:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0 Update RC1
cpe:2.3:a:plone:plone:5.0:rc1:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0 Update RC3
cpe:2.3:a:plone:plone:5.0:rc3:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0.2
cpe:2.3:a:plone:plone:5.0.2:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0.3
cpe:2.3:a:plone:plone:5.0.3:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0.4
cpe:2.3:a:plone:plone:5.0.4:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0
cpe:2.3:a:plone:plone:5.0:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.1a1
cpe:2.3:a:plone:plone:5.1a1:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0 Update RC2
cpe:2.3:a:plone:plone:5.0:rc2:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0.1
cpe:2.3:a:plone:plone:5.0.1:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0 Update A1
cpe:2.3:a:plone:plone:5.0:a1:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0.6
cpe:2.3:a:plone:plone:5.0.6:*:*:*:*:*:*:*
Matching versions
Plone » Plone » Version: 5.0.5
cpe:2.3:a:plone:plone:5.0.5:*:*:*:*:*:*:*
Matching versions