Vulnerability Details : CVE-2017-18262
Blackboard Learn (since at least 17 October 2017) has allowed unvalidated redirects of any signed-in user through its endpoints for handling Shibboleth logins, as demonstrated by a webapps/bb-auth-provider-shibboleth-BBLEARN/execute/shibbolethLogin?returnUrl= URI.
Vulnerability category: Open redirect; Input validation
Products affected by CVE-2017-18262
- cpe:2.3:a:blackboard:blackboard_learn:*:*:*:*:*:*:*:*
- cpe:2.3:a:blackboard:blackboard_learn:9.1:q4_2015:*:*:*:*:*:*
- cpe:2.3:a:blackboard:blackboard_learn:9.1:q4_2017:*:*:*:*:*:*
- cpe:2.3:a:blackboard:blackboard_learn:9.1:q2_2017:*:*:*:*:*:*
- cpe:2.3:a:blackboard:blackboard_learn:9.1:q4_2016:*:*:*:*:*:*
- cpe:2.3:a:blackboard:blackboard_learn:9.1:q2_2016:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-18262
- EPSS score: 0.12% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~46% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2017-18262
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
5.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N | 8.6 | 4.9 | NIST |
6.1 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | NIST |
CWE ids for CVE-2017-18262
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. (Assigned by: nvd@nist.gov, Primary)
- The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2017-18262
- http://www.securitytracker.com/id/1040767 : Blackboard Learn Open Redirect Flaw in Shibboleth Authentication Provider Lets Remote Users Redirect the Target User's Browser to an Arbitrary Site (SecurityTracker). Third Party Advisory; VDB Entry
- https://ethan.pm/blackboard.txt : Third Party Advisory
- http://seclists.org/fulldisclosure/2018/Apr/57 : Full Disclosure: Unvalidated Redirect in Shibboleth component of Blackboard Learn. Mailing List; Third Party Advisory