CVE-2024-7312

🗓️ 11 Sep 2024 15:28:43Reported by PayaraType

URL redirection vulnerability in Payara Platfor

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2024-7312	11 Sep 202418:41	–	circl
CNNVD	Payara Server 安全漏洞	11 Sep 202400:00	–	cnnvd
Cvelist	CVE-2024-7312 REST Interface Link Redirection via Host parameter	11 Sep 202415:28	–	cvelist
EUVD	EUVD-2024-48253	3 Oct 202520:07	–	euvd
NVD	CVE-2024-7312	11 Sep 202416:15	–	nvd
OSV	CVE-2024-7312	11 Sep 202416:15	–	osv
Positive Technologies	PT-2024-38258 · Payara · Payara Server	11 Sep 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-7312	11 Sep 202417:22	–	redhatcve
Vulnrichment	CVE-2024-7312 REST Interface Link Redirection via Host parameter	11 Sep 202415:28	–	vulnrichment

NVD

Node

payara payaraRange4.1.2.191.0–4.1.2.191.50community

payara payaraRange5.20.0–5.67.0enterprise

payara payaraRange5.2020.2–5.2022.5community

payara payaraRange6.0.0–6.18.0enterprise

payara payaraRange6.2022.1–6.2024.9community

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "REST Management Interface"
    ],
    "product": "Payara Server",
    "vendor": "Payara Platform",
    "versions": [
      {
        "lessThan": "6.18.0",
        "status": "affected",
        "version": "6.0.0",
        "versionType": "semver"
      },
      {
        "lessThan": "6.2024.9",
        "status": "affected",
        "version": "6.2022.1",
        "versionType": "semver"
      },
      {
        "lessThan": "5.2022.5",
        "status": "affected",
        "version": "5.2020.2",
        "versionType": "semver"
      },
      {
        "lessThan": "5.67.0",
        "status": "affected",
        "version": "5.20.0",
        "versionType": "semver"
      },
      {
        "lessThan": "4.1.2.191.50",
        "status": "affected",
        "version": "4.1.2.191.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
docs	www.docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.18.0.html
docs	www.docs.payara.fish/enterprise/docs/5.67.0/Release%20Notes/Release%20Notes%205.67.0.html

13 Sep 2024 16:27Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.16.1

CVSS 47

EPSS0.00089

SSVC

CWE-601