Vulnerability Details : CVE-2017-16652
An issue was discovered in Symfony 2.7.x before 2.7.38, 2.8.x before 2.8.31, 3.2.x before 3.2.14, and 3.3.x before 3.3.13. DefaultAuthenticationSuccessHandler or DefaultAuthenticationFailureHandler takes the content of the _target_path parameter and generates a redirect response, but no check is performed on the path, which could be an absolute URL to an external domain. This Open redirect vulnerability can be exploited for example to mount effective phishing attacks.
Vulnerability category: Open redirect
Products affected by CVE-2017-16652
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*
- cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*
- cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*
- cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-16652
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 32 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-16652
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
8.6
|
4.9
|
NIST | |
6.1
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.8
|
2.7
|
NIST |
CWE ids for CVE-2017-16652
-
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-16652
-
https://symfony.com/blog/cve-2017-16652-open-redirect-vulnerability-on-security-handlers
CVE-2017-16652: Open redirect vulnerability on security handlers (Symfony Blog)Vendor Advisory
-
https://lists.debian.org/debian-lts-announce/2019/03/msg00009.html
[SECURITY] [DLA 1707-1] symfony security updateThird Party Advisory
Jump to