{"id": "CVE-2017-1000500", "bulletinFamily": "NVD", "title": "CVE-2017-1000500", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-12161. Reason: This candidate is a reservation duplicate of CVE-2017-12161. Notes: All CVE users should reference CVE-2017-12161 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "published": "2018-01-03T10:29:00", "modified": "2018-12-10T09:29:01", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000500", "reporter": "NVD", "references": [], "cvelist": ["CVE-2017-1000500"], "type": "cve", "lastseen": "2018-12-11T12:20:00", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:redhat:mobile_application_platform:4.0", "cpe:/a:redhat:single_sign_on:7.0"], "cvelist": ["CVE-2017-1000500"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "description": "Keycloak SSO versions prior to 2.x are vulnerable to Host Header Injection on the forgot password page causing the application to send a poisoned URL as the password reset link.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "d99599d678f3312f8539562e02d121af3cefc0e9665b43155a6bf404b768afc2", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d94b634aba0e177cdb094ede5f8dcc4e", "key": "href"}, {"hash": "e71b43aaf95248a112e1c2c74ff8f24f", "key": "cpe"}, {"hash": "1b9ebfbc3ac6935e0e22219686ef2039", "key": "published"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "26769fd423968d45be7383413e2552f1", "key": "cvss"}, {"hash": "90b013083c8659005f94ce4e99ce7ddf", "key": "cvelist"}, {"hash": "0ffcccc7c1f34565e44ab828f1130075", "key": "title"}, {"hash": "17a73e4a04d871133ff5514440535df4", "key": "modified"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "6869d96cbd6df83b23dbd923e43d81c9", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "47e5dd26fd4ac911d07b8ba23296e0fe", "key": "references"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000500", "id": "CVE-2017-1000500", "lastseen": "2018-01-27T11:33:12", "modified": "2018-01-26T08:38:02", "objectVersion": "1.3", "published": "2018-01-03T10:29:00", "references": ["https://github.com/keycloak/keycloak-documentation/pull/268/commits/a2b58aadee42af2c375b72e86dffc2cf23cc3770"], "reporter": "NVD", "scanner": [], "title": "CVE-2017-1000500", "type": "cve", "viewCount": 1}, "differentElements": ["cvss", "references", "description", "modified", "cpe"], "edition": 2, "lastseen": "2018-01-27T11:33:12"}, {"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": [], "cvelist": ["CVE-2017-1000500"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Keycloak SSO versions prior to 2.x are vulnerable to Host Header Injection on the forgot password page causing the application to send a poisoned URL as the password reset link.", "edition": 1, "enchantments": {"score": {"modified": "2018-01-04T11:52:13", "value": 3.2}}, "hash": "387565e7b84fa0b5d6c5da8f0fe86a7644d4dd1f6a9f730f3240e89fcdde9340", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d94b634aba0e177cdb094ede5f8dcc4e", "key": "href"}, {"hash": "1b9ebfbc3ac6935e0e22219686ef2039", "key": "published"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "90b013083c8659005f94ce4e99ce7ddf", "key": "cvelist"}, {"hash": "1b9ebfbc3ac6935e0e22219686ef2039", "key": "modified"}, {"hash": "0ffcccc7c1f34565e44ab828f1130075", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "6869d96cbd6df83b23dbd923e43d81c9", "key": "description"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "47e5dd26fd4ac911d07b8ba23296e0fe", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000500", "id": "CVE-2017-1000500", "lastseen": "2018-01-04T11:52:13", "modified": "2018-01-03T10:29:00", "objectVersion": "1.3", "published": "2018-01-03T10:29:00", "references": ["https://github.com/keycloak/keycloak-documentation/pull/268/commits/a2b58aadee42af2c375b72e86dffc2cf23cc3770"], "reporter": "NVD", "scanner": [], "title": "CVE-2017-1000500", "type": "cve", "viewCount": 0}, "differentElements": ["cvss", "modified", "cpe"], "edition": 1, "lastseen": "2018-01-04T11:52:13"}], "edition": 3, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "90b013083c8659005f94ce4e99ce7ddf"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "a706a41a343d46f105cf0d4858bff19e"}, {"key": "href", "hash": "d94b634aba0e177cdb094ede5f8dcc4e"}, {"key": "modified", "hash": "34f159f2b241e0cfb5b04e2d7c2247aa"}, {"key": "published", "hash": "1b9ebfbc3ac6935e0e22219686ef2039"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "0ffcccc7c1f34565e44ab828f1130075"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "e3eac9effae7e5f122900b5b13713ff89b4def2d2d244f8ac7da4df01bec7d38", "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "cpe": [], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{}