PingFederate 6.10.1 SP Endpoints Open Redirect

Dec 09, 2014
Jing Wang
packetstormsecurity.com (PACKETSTORM:129454)

EPSS: 0.003 (Low), percentile 71.8%

*CVE-2014-8489 Ping Identity Corporation "PingFederate 6.10.1 SP Endpoints" Dest Redirect Privilege Escalation Security Vulnerability*

Exploit Title: "Ping Identity Corporation" "PingFederate 6.10.1 SP Endpoints" Dest Redirect Privilege Escalation Security Vulnerability  
Product: PingFederate 6.10.1 SP Endpoints  
Vendor: Ping Identity Corporation  
Vulnerable Versions: 6.10.1  
Tested Version: 6.10.1  
Advisory Publication: Dec 09, 2014  
Latest Update: Dec 09, 2014  
Vulnerability Type: URL Redirection to Untrusted Site [CWE-601]  
CVE Reference: CVE-2014-8489  
CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N)  
Impact Subscore: 4.9  
Exploitability Subscore: 8.6  
Credit: Wang Jing [SPMS, Nanyang Technological University, Singapore]  

*Advisory Details*

*(1) Product:*  
"PingFederate is a best-of-breed Internet-identity security platform that implements multiple standards-based protocols to provide cross-domain single sign-on (SSO) and user-attribute exchange, as well as support for identity-enabled Web Services and cross-domain user provisioning."

*(2) Vulnerability Details:*  
PingFederate 6.10.1 SP Endpoints is vulnerable to Dest Redirect Privilege Escalation attacks, i.e. an open redirect to an untrusted site (CWE-601).

The vulnerability occurs at the "/startSSO.ping" endpoint, through the "TargetResource" parameter, which supplies the destination the user is sent to after SSO.
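The standard mitigation for CWE-601 is to validate the post-SSO destination against an allowlist before issuing the redirect. The following is an added example, not code from the advisory or from PingFederate: a validator that accepts only same-site paths or https URLs on allowlisted hosts, and a helper that applies it to a query string carrying the "TargetResource" parameter named above. The function names, the allowlisted hosts, the default landing page and all test inputs are constructed for this illustration; "evil.example" is a placeholder, not a real host.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed allowlist: hosts this service provider may send users to after SSO.
ALLOWED_HOSTS = {"app.example.com", "portal.example.com"}
# Constructed fallback used whenever the requested destination is rejected.
DEFAULT_TARGET = "https://app.example.com/"


def is_safe_target(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only for a same-site absolute path ("/...") or an https URL
    whose host is on the allowlist. Everything else is treated as untrusted."""
    if not target:
        return False
    # Control characters and whitespace (incl. CR/LF) never belong in a destination.
    if any(ord(c) < 0x21 for c in target):
        return False
    # Browsers treat a backslash after "/" like a second slash, so normalise it
    # before parsing rather than letting "/\host" slip through as a path.
    normalised = target.replace("\\", "/")
    try:
        parts = urlsplit(normalised)
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    if parts.scheme == "" and parts.netloc == "":
        # Relative reference: must be a single-slash site path, not "//host".
        return normalised.startswith("/") and not normalised.startswith("//")
    if parts.scheme.lower() != "https":
        return False  # rejects http:, javascript:, data:, etc.
    if parts.username is not None or parts.password is not None:
        return False  # "https://allowed@other" style userinfo is not accepted
    host = parts.hostname  # strips port and userinfo, lower-cases the host
    return host is not None and host.lower() in allowed_hosts


def resolve_target(target: str) -> str:
    """Destination to redirect to: the requested one if safe, else the default."""
    return target if is_safe_target(target) else DEFAULT_TARGET


def target_from_query(query: str) -> str:
    """Apply the check to a raw query string such as 'TargetResource=%2Fhome'."""
    params = parse_qs(query, keep_blank_values=True)
    requested = params.get("TargetResource", [""])[0]
    return resolve_target(requested)


if __name__ == "__main__":
    for candidate in ["/dashboard", "https://portal.example.com/x",
                      "//evil.example/", "https://app.example.com@evil.example/"]:
        print(f"{candidate!r:45} -> {resolve_target(candidate)}")
```

The allowlist is matched on the exact parsed host, so lookalike hosts such as "app.example.com.evil.example" fall through to the default, and the pre-parse control-character check keeps CR/LF out of the Location header that the redirect would emit.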

*References:*  
http://tetraph.com/security/cves/cve-2014-8489-ping-identity-corporation-pingfederate-6-10-1-sp-endpoints-dest-redirect-privilege-escalation-security-vulnerability/  
http://documentation.pingidentity.com/display/PF610/PingFederate+6.10  
http://cwe.mitre.org  
http://cve.mitre.org/
