CVE-2017-14524 Scanner
Detects 'Open Redirect' vulnerability in OpenText Documentum Administrator affects v. 7.2.0180.0055.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
1 month
Scan only one
Url
Toolbox
-
OpenText Documentum Administrator is an enterprise content management system that is used to manage, secure, and share large volumes of electronic documents and content. This product is mainly used in organizations that require controlled access to sensitive data, such as healthcare, legal, and financial institutions. It provides a centralized platform for managing and securing documents, streamlining business processes and collaboration, and ensuring compliance with regulatory standards.
One of the vulnerabilities detected in this product is CVE-2017-14524. This vulnerability allows remote attackers to conduct phishing attacks and redirect users to arbitrary web sites by exploiting multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055. These vulnerabilities can be triggered by passing a URL in the startat parameter to xda/help/en/default.htm or by using /%09/ (slash encoded horizontal tab slash) followed by a domain in the redirectUrl parameter to xda/component/virtuallinkconnect.
If exploited, CVE-2017-14524 can result in unauthorized access to sensitive data, such as login credentials, financial information, and personal identification data. Attackers can use these unauthorized access points to launch further attacks, such as malware installation, data theft, or ransomware attacks. Phishing attacks can be particularly damaging, since they trick users into revealing sensitive information or downloading malicious software, compromising the entire organization’s network and data security.
In conclusion, s4e.io’s platform offers a wealth of resources for anyone concerned about protecting their digital assets from vulnerabilities like CVE-2017-14524. By leveraging the pro features of this platform, users can stay informed about emerging threats, secure their network and data assets, and outpace attackers with a proactive approach to cyber security.
REFERENCES