CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-1000027

Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect vulnerability in the user web login function resulting in unauthorized account access.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 83.3%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 5.8

References

https://cp270.wordpress.com/2017/02/02/security-advisory-open-url-redirect-in-sme-server/
https://forums.contribs.org/index.php/topic%2C52838.0.html
https://cp270.wordpress.com/2017/02/02/security-advisory-open-url-redirect-in-sme-server/
https://forums.contribs.org/index.php/topic%2C52838.0.html

Products affected by CVE-2017-1000027

Koozali » Sme Server » Version: 10.0

cpe:2.3:a:koozali:sme_server:10.0
Koozali » Sme Server » Version: 8.0

cpe:2.3:a:koozali:sme_server:8.0
Koozali » Sme Server » Version: 9.0

cpe:2.3:a:koozali:sme_server:9.0
Koozali » Sme Server » Version: 9.2

cpe:2.3:a:koozali:sme_server:9.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-1000027

Products

Pricing

Contact Us