CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5409

Pivotal Concourse, most versions prior to 6.0.0, allows redirects to untrusted websites in its login flow. A remote unauthenticated attacker could convince a user to click on a link using the OAuth redirect link with an untrusted website and gain access to that user's access token in Concourse. (This issue is similar to, but distinct from, CVE-2018-15798.)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.5%

CVSS Severity

CVSS v3 Score 7.6

CVSS v2 Score 5.8

References

Products affected by CVE-2020-5409

Pivotal Software » Concourse » Version: 0.1.0

cpe:2.3:a:pivotal_software:concourse:0.1.0
Pivotal Software » Concourse » Version: 0.10.0

cpe:2.3:a:pivotal_software:concourse:0.10.0
Pivotal Software » Concourse » Version: 0.11.0

cpe:2.3:a:pivotal_software:concourse:0.11.0
Pivotal Software » Concourse » Version: 0.12.0

cpe:2.3:a:pivotal_software:concourse:0.12.0
Pivotal Software » Concourse » Version: 0.13.0

cpe:2.3:a:pivotal_software:concourse:0.13.0
Pivotal Software » Concourse » Version: 0.14.0

cpe:2.3:a:pivotal_software:concourse:0.14.0
Pivotal Software » Concourse » Version: 0.15.0

cpe:2.3:a:pivotal_software:concourse:0.15.0
Pivotal Software » Concourse » Version: 0.16.0

cpe:2.3:a:pivotal_software:concourse:0.16.0
Pivotal Software » Concourse » Version: 0.17.0

cpe:2.3:a:pivotal_software:concourse:0.17.0
Pivotal Software » Concourse » Version: 0.18.0

cpe:2.3:a:pivotal_software:concourse:0.18.0
Pivotal Software » Concourse » Version: 0.19.0

cpe:2.3:a:pivotal_software:concourse:0.19.0
Pivotal Software » Concourse » Version: 0.2.0

cpe:2.3:a:pivotal_software:concourse:0.2.0
Pivotal Software » Concourse » Version: 0.20.0

cpe:2.3:a:pivotal_software:concourse:0.20.0
Pivotal Software » Concourse » Version: 0.21.0

cpe:2.3:a:pivotal_software:concourse:0.21.0
Pivotal Software » Concourse » Version: 0.22.0

cpe:2.3:a:pivotal_software:concourse:0.22.0
Pivotal Software » Concourse » Version: 0.23.0

cpe:2.3:a:pivotal_software:concourse:0.23.0
Pivotal Software » Concourse » Version: 0.24.0

cpe:2.3:a:pivotal_software:concourse:0.24.0
Pivotal Software » Concourse » Version: 0.25.0

cpe:2.3:a:pivotal_software:concourse:0.25.0
Pivotal Software » Concourse » Version: 0.26.0

cpe:2.3:a:pivotal_software:concourse:0.26.0
Pivotal Software » Concourse » Version: 0.27.0

cpe:2.3:a:pivotal_software:concourse:0.27.0
Pivotal Software » Concourse » Version: 0.28.0

cpe:2.3:a:pivotal_software:concourse:0.28.0
Pivotal Software » Concourse » Version: 0.29.0

cpe:2.3:a:pivotal_software:concourse:0.29.0
Pivotal Software » Concourse » Version: 0.3.0

cpe:2.3:a:pivotal_software:concourse:0.3.0
Pivotal Software » Concourse » Version: 0.30.0

cpe:2.3:a:pivotal_software:concourse:0.30.0
Pivotal Software » Concourse » Version: 0.31.0

cpe:2.3:a:pivotal_software:concourse:0.31.0
Pivotal Software » Concourse » Version: 0.32.0

cpe:2.3:a:pivotal_software:concourse:0.32.0
Pivotal Software » Concourse » Version: 0.33.0

cpe:2.3:a:pivotal_software:concourse:0.33.0
Pivotal Software » Concourse » Version: 0.34.0

cpe:2.3:a:pivotal_software:concourse:0.34.0
Pivotal Software » Concourse » Version: 0.35.0

cpe:2.3:a:pivotal_software:concourse:0.35.0
Pivotal Software » Concourse » Version: 0.36.0

cpe:2.3:a:pivotal_software:concourse:0.36.0
Pivotal Software » Concourse » Version: 0.37.0

cpe:2.3:a:pivotal_software:concourse:0.37.0
Pivotal Software » Concourse » Version: 0.38.0

cpe:2.3:a:pivotal_software:concourse:0.38.0
Pivotal Software » Concourse » Version: 0.39.0

cpe:2.3:a:pivotal_software:concourse:0.39.0
Pivotal Software » Concourse » Version: 0.4.0

cpe:2.3:a:pivotal_software:concourse:0.4.0
Pivotal Software » Concourse » Version: 0.40.0

cpe:2.3:a:pivotal_software:concourse:0.40.0
Pivotal Software » Concourse » Version: 0.41.0

cpe:2.3:a:pivotal_software:concourse:0.41.0
Pivotal Software » Concourse » Version: 0.42.0

cpe:2.3:a:pivotal_software:concourse:0.42.0
Pivotal Software » Concourse » Version: 0.43.0

cpe:2.3:a:pivotal_software:concourse:0.43.0
Pivotal Software » Concourse » Version: 0.44.0

cpe:2.3:a:pivotal_software:concourse:0.44.0
Pivotal Software » Concourse » Version: 0.45.0

cpe:2.3:a:pivotal_software:concourse:0.45.0
Pivotal Software » Concourse » Version: 0.46.0

cpe:2.3:a:pivotal_software:concourse:0.46.0
Pivotal Software » Concourse » Version: 0.47.0

cpe:2.3:a:pivotal_software:concourse:0.47.0
Pivotal Software » Concourse » Version: 0.48.0

cpe:2.3:a:pivotal_software:concourse:0.48.0
Pivotal Software » Concourse » Version: 0.49.0

cpe:2.3:a:pivotal_software:concourse:0.49.0
Pivotal Software » Concourse » Version: 0.5.0

cpe:2.3:a:pivotal_software:concourse:0.5.0
Pivotal Software » Concourse » Version: 0.50.0

cpe:2.3:a:pivotal_software:concourse:0.50.0
Pivotal Software » Concourse » Version: 0.51.0

cpe:2.3:a:pivotal_software:concourse:0.51.0
Pivotal Software » Concourse » Version: 0.52.0

cpe:2.3:a:pivotal_software:concourse:0.52.0
Pivotal Software » Concourse » Version: 0.53.0

cpe:2.3:a:pivotal_software:concourse:0.53.0
Pivotal Software » Concourse » Version: 0.54.0

cpe:2.3:a:pivotal_software:concourse:0.54.0
Pivotal Software » Concourse » Version: 0.55.0

cpe:2.3:a:pivotal_software:concourse:0.55.0
Pivotal Software » Concourse » Version: 0.56.0

cpe:2.3:a:pivotal_software:concourse:0.56.0
Pivotal Software » Concourse » Version: 0.57.0

cpe:2.3:a:pivotal_software:concourse:0.57.0
Pivotal Software » Concourse » Version: 0.58.0

cpe:2.3:a:pivotal_software:concourse:0.58.0
Pivotal Software » Concourse » Version: 0.59.0

cpe:2.3:a:pivotal_software:concourse:0.59.0
Pivotal Software » Concourse » Version: 0.59.1

cpe:2.3:a:pivotal_software:concourse:0.59.1
Pivotal Software » Concourse » Version: 0.6.0

cpe:2.3:a:pivotal_software:concourse:0.6.0
Pivotal Software » Concourse » Version: 0.60.0

cpe:2.3:a:pivotal_software:concourse:0.60.0
Pivotal Software » Concourse » Version: 0.60.1

cpe:2.3:a:pivotal_software:concourse:0.60.1
Pivotal Software » Concourse » Version: 0.61.0

cpe:2.3:a:pivotal_software:concourse:0.61.0
Pivotal Software » Concourse » Version: 0.62.0

cpe:2.3:a:pivotal_software:concourse:0.62.0
Pivotal Software » Concourse » Version: 0.62.1

cpe:2.3:a:pivotal_software:concourse:0.62.1
Pivotal Software » Concourse » Version: 0.63.0

cpe:2.3:a:pivotal_software:concourse:0.63.0
Pivotal Software » Concourse » Version: 0.64.0

cpe:2.3:a:pivotal_software:concourse:0.64.0
Pivotal Software » Concourse » Version: 0.64.1

cpe:2.3:a:pivotal_software:concourse:0.64.1
Pivotal Software » Concourse » Version: 0.65.0

cpe:2.3:a:pivotal_software:concourse:0.65.0
Pivotal Software » Concourse » Version: 0.65.1

cpe:2.3:a:pivotal_software:concourse:0.65.1
Pivotal Software » Concourse » Version: 0.66.0

cpe:2.3:a:pivotal_software:concourse:0.66.0
Pivotal Software » Concourse » Version: 0.66.1

cpe:2.3:a:pivotal_software:concourse:0.66.1
Pivotal Software » Concourse » Version: 0.67.0

cpe:2.3:a:pivotal_software:concourse:0.67.0
Pivotal Software » Concourse » Version: 0.67.1

cpe:2.3:a:pivotal_software:concourse:0.67.1
Pivotal Software » Concourse » Version: 0.68.0

cpe:2.3:a:pivotal_software:concourse:0.68.0
Pivotal Software » Concourse » Version: 0.69.0

cpe:2.3:a:pivotal_software:concourse:0.69.0
Pivotal Software » Concourse » Version: 0.69.1

cpe:2.3:a:pivotal_software:concourse:0.69.1
Pivotal Software » Concourse » Version: 0.7.0

cpe:2.3:a:pivotal_software:concourse:0.7.0
Pivotal Software » Concourse » Version: 0.70.0

cpe:2.3:a:pivotal_software:concourse:0.70.0
Pivotal Software » Concourse » Version: 0.71.0

cpe:2.3:a:pivotal_software:concourse:0.71.0
Pivotal Software » Concourse » Version: 0.71.1

cpe:2.3:a:pivotal_software:concourse:0.71.1
Pivotal Software » Concourse » Version: 0.72.0

cpe:2.3:a:pivotal_software:concourse:0.72.0
Pivotal Software » Concourse » Version: 0.72.1

cpe:2.3:a:pivotal_software:concourse:0.72.1
Pivotal Software » Concourse » Version: 0.73.0

cpe:2.3:a:pivotal_software:concourse:0.73.0
Pivotal Software » Concourse » Version: 0.74.0

cpe:2.3:a:pivotal_software:concourse:0.74.0
Pivotal Software » Concourse » Version: 0.75.0

cpe:2.3:a:pivotal_software:concourse:0.75.0
Pivotal Software » Concourse » Version: 0.76.0

cpe:2.3:a:pivotal_software:concourse:0.76.0
Pivotal Software » Concourse » Version: 0.8.0

cpe:2.3:a:pivotal_software:concourse:0.8.0
Pivotal Software » Concourse » Version: 0.9.0

cpe:2.3:a:pivotal_software:concourse:0.9.0
Pivotal Software » Concourse » Version: 1.0.0

cpe:2.3:a:pivotal_software:concourse:1.0.0
Pivotal Software » Concourse » Version: 1.0.1

cpe:2.3:a:pivotal_software:concourse:1.0.1
Pivotal Software » Concourse » Version: 1.1.0

cpe:2.3:a:pivotal_software:concourse:1.1.0
Pivotal Software » Concourse » Version: 1.2.0

cpe:2.3:a:pivotal_software:concourse:1.2.0
Pivotal Software » Concourse » Version: 1.3.0

cpe:2.3:a:pivotal_software:concourse:1.3.0
Pivotal Software » Concourse » Version: 1.3.1

cpe:2.3:a:pivotal_software:concourse:1.3.1
Pivotal Software » Concourse » Version: 1.4.0

cpe:2.3:a:pivotal_software:concourse:1.4.0
Pivotal Software » Concourse » Version: 1.4.1

cpe:2.3:a:pivotal_software:concourse:1.4.1
Pivotal Software » Concourse » Version: 1.5.0

cpe:2.3:a:pivotal_software:concourse:1.5.0
Pivotal Software » Concourse » Version: 1.5.1

cpe:2.3:a:pivotal_software:concourse:1.5.1
Pivotal Software » Concourse » Version: 1.6.0

cpe:2.3:a:pivotal_software:concourse:1.6.0
Pivotal Software » Concourse » Version: 2.0.0

cpe:2.3:a:pivotal_software:concourse:2.0.0
Pivotal Software » Concourse » Version: 2.0.1

cpe:2.3:a:pivotal_software:concourse:2.0.1
Pivotal Software » Concourse » Version: 2.0.2

cpe:2.3:a:pivotal_software:concourse:2.0.2
Pivotal Software » Concourse » Version: 2.1.0

cpe:2.3:a:pivotal_software:concourse:2.1.0
Pivotal Software » Concourse » Version: 2.2.0

cpe:2.3:a:pivotal_software:concourse:2.2.0
Pivotal Software » Concourse » Version: 2.2.1

cpe:2.3:a:pivotal_software:concourse:2.2.1
Pivotal Software » Concourse » Version: 2.3.0

cpe:2.3:a:pivotal_software:concourse:2.3.0
Pivotal Software » Concourse » Version: 2.3.1

cpe:2.3:a:pivotal_software:concourse:2.3.1
Pivotal Software » Concourse » Version: 2.4.0

cpe:2.3:a:pivotal_software:concourse:2.4.0
Pivotal Software » Concourse » Version: 2.5.0

cpe:2.3:a:pivotal_software:concourse:2.5.0
Pivotal Software » Concourse » Version: 2.5.1

cpe:2.3:a:pivotal_software:concourse:2.5.1
Pivotal Software » Concourse » Version: 2.6.0

cpe:2.3:a:pivotal_software:concourse:2.6.0
Pivotal Software » Concourse » Version: 2.7.0

cpe:2.3:a:pivotal_software:concourse:2.7.0
Pivotal Software » Concourse » Version: 2.7.1

cpe:2.3:a:pivotal_software:concourse:2.7.1
Pivotal Software » Concourse » Version: 2.7.2

cpe:2.3:a:pivotal_software:concourse:2.7.2
Pivotal Software » Concourse » Version: 2.7.3

cpe:2.3:a:pivotal_software:concourse:2.7.3
Pivotal Software » Concourse » Version: 2.7.4

cpe:2.3:a:pivotal_software:concourse:2.7.4
Pivotal Software » Concourse » Version: 2.7.5

cpe:2.3:a:pivotal_software:concourse:2.7.5
Pivotal Software » Concourse » Version: 2.7.6

cpe:2.3:a:pivotal_software:concourse:2.7.6
Pivotal Software » Concourse » Version: 2.7.7

cpe:2.3:a:pivotal_software:concourse:2.7.7
Pivotal Software » Concourse » Version: 3.0.0

cpe:2.3:a:pivotal_software:concourse:3.0.0
Pivotal Software » Concourse » Version: 3.0.1

cpe:2.3:a:pivotal_software:concourse:3.0.1
Pivotal Software » Concourse » Version: 3.1.0

cpe:2.3:a:pivotal_software:concourse:3.1.0
Pivotal Software » Concourse » Version: 3.1.1

cpe:2.3:a:pivotal_software:concourse:3.1.1
Pivotal Software » Concourse » Version: 3.10.0

cpe:2.3:a:pivotal_software:concourse:3.10.0
Pivotal Software » Concourse » Version: 3.11.0

cpe:2.3:a:pivotal_software:concourse:3.11.0
Pivotal Software » Concourse » Version: 3.12.0

cpe:2.3:a:pivotal_software:concourse:3.12.0
Pivotal Software » Concourse » Version: 3.13.0

cpe:2.3:a:pivotal_software:concourse:3.13.0
Pivotal Software » Concourse » Version: 3.14.0

cpe:2.3:a:pivotal_software:concourse:3.14.0
Pivotal Software » Concourse » Version: 3.14.1

cpe:2.3:a:pivotal_software:concourse:3.14.1
Pivotal Software » Concourse » Version: 3.2.0

cpe:2.3:a:pivotal_software:concourse:3.2.0
Pivotal Software » Concourse » Version: 3.2.1

cpe:2.3:a:pivotal_software:concourse:3.2.1
Pivotal Software » Concourse » Version: 3.3.0

cpe:2.3:a:pivotal_software:concourse:3.3.0
Pivotal Software » Concourse » Version: 3.3.1

cpe:2.3:a:pivotal_software:concourse:3.3.1
Pivotal Software » Concourse » Version: 3.3.2

cpe:2.3:a:pivotal_software:concourse:3.3.2
Pivotal Software » Concourse » Version: 3.3.3

cpe:2.3:a:pivotal_software:concourse:3.3.3
Pivotal Software » Concourse » Version: 3.3.4

cpe:2.3:a:pivotal_software:concourse:3.3.4
Pivotal Software » Concourse » Version: 3.4.0

cpe:2.3:a:pivotal_software:concourse:3.4.0
Pivotal Software » Concourse » Version: 3.4.1

cpe:2.3:a:pivotal_software:concourse:3.4.1
Pivotal Software » Concourse » Version: 3.5.0

cpe:2.3:a:pivotal_software:concourse:3.5.0
Pivotal Software » Concourse » Version: 3.6.0

cpe:2.3:a:pivotal_software:concourse:3.6.0
Pivotal Software » Concourse » Version: 3.7.0

cpe:2.3:a:pivotal_software:concourse:3.7.0
Pivotal Software » Concourse » Version: 3.8.0

cpe:2.3:a:pivotal_software:concourse:3.8.0
Pivotal Software » Concourse » Version: 3.9.0

cpe:2.3:a:pivotal_software:concourse:3.9.0
Pivotal Software » Concourse » Version: 3.9.1

cpe:2.3:a:pivotal_software:concourse:3.9.1
Pivotal Software » Concourse » Version: 3.9.2

cpe:2.3:a:pivotal_software:concourse:3.9.2
Pivotal Software » Concourse » Version: 4.0.0

cpe:2.3:a:pivotal_software:concourse:4.0.0
Pivotal Software » Concourse » Version: 4.1.0

cpe:2.3:a:pivotal_software:concourse:4.1.0
Pivotal Software » Concourse » Version: 4.2.0

cpe:2.3:a:pivotal_software:concourse:4.2.0
Pivotal Software » Concourse » Version: 4.2.1

cpe:2.3:a:pivotal_software:concourse:4.2.1
Pivotal Software » Concourse » Version: 4.2.2

cpe:2.3:a:pivotal_software:concourse:4.2.2
Pivotal Software » Concourse » Version: 4.2.3

cpe:2.3:a:pivotal_software:concourse:4.2.3
Pivotal Software » Concourse » Version: 5.0.0

cpe:2.3:a:pivotal_software:concourse:5.0.0
Pivotal Software » Concourse » Version: 5.0.1

cpe:2.3:a:pivotal_software:concourse:5.0.1
Pivotal Software » Concourse » Version: 5.1.0

cpe:2.3:a:pivotal_software:concourse:5.1.0
Pivotal Software » Concourse » Version: 5.2.0

cpe:2.3:a:pivotal_software:concourse:5.2.0
Pivotal Software » Concourse » Version: 5.2.1

cpe:2.3:a:pivotal_software:concourse:5.2.1
Pivotal Software » Concourse » Version: 5.2.2

cpe:2.3:a:pivotal_software:concourse:5.2.2
Pivotal Software » Concourse » Version: 5.2.3

cpe:2.3:a:pivotal_software:concourse:5.2.3
Pivotal Software » Concourse » Version: 5.2.4

cpe:2.3:a:pivotal_software:concourse:5.2.4
Pivotal Software » Concourse » Version: 5.2.5

cpe:2.3:a:pivotal_software:concourse:5.2.5
Pivotal Software » Concourse » Version: 5.2.6

cpe:2.3:a:pivotal_software:concourse:5.2.6
Pivotal Software » Concourse » Version: 5.2.7

cpe:2.3:a:pivotal_software:concourse:5.2.7
Pivotal Software » Concourse » Version: 5.3.0

cpe:2.3:a:pivotal_software:concourse:5.3.0
Pivotal Software » Concourse » Version: 5.4.0

cpe:2.3:a:pivotal_software:concourse:5.4.0
Pivotal Software » Concourse » Version: 5.4.1

cpe:2.3:a:pivotal_software:concourse:5.4.1
Pivotal Software » Concourse » Version: 5.5.0

cpe:2.3:a:pivotal_software:concourse:5.5.0
Pivotal Software » Concourse » Version: 5.5.1

cpe:2.3:a:pivotal_software:concourse:5.5.1
Pivotal Software » Concourse » Version: 5.5.3

cpe:2.3:a:pivotal_software:concourse:5.5.3
Pivotal Software » Concourse » Version: 5.5.4

cpe:2.3:a:pivotal_software:concourse:5.5.4
Pivotal Software » Concourse » Version: 5.5.5

cpe:2.3:a:pivotal_software:concourse:5.5.5
Pivotal Software » Concourse » Version: 5.5.6

cpe:2.3:a:pivotal_software:concourse:5.5.6
Pivotal Software » Concourse » Version: 5.5.7

cpe:2.3:a:pivotal_software:concourse:5.5.7
Pivotal Software » Concourse » Version: 5.5.8

cpe:2.3:a:pivotal_software:concourse:5.5.8
Pivotal Software » Concourse » Version: 5.5.9

cpe:2.3:a:pivotal_software:concourse:5.5.9
Pivotal Software » Concourse » Version: 5.6.0

cpe:2.3:a:pivotal_software:concourse:5.6.0
Pivotal Software » Concourse » Version: 5.7.0

cpe:2.3:a:pivotal_software:concourse:5.7.0
Pivotal Software » Concourse » Version: 5.7.1

cpe:2.3:a:pivotal_software:concourse:5.7.1
Pivotal Software » Concourse » Version: 5.7.2

cpe:2.3:a:pivotal_software:concourse:5.7.2
Pivotal Software » Concourse » Version: 5.8.0

cpe:2.3:a:pivotal_software:concourse:5.8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5409

Products

Pricing

Contact Us