CVE-2014-8489 Ping Identity Corporation “PingFederate 6.10.1 SP Endpoints” Dest Redirect Privilege Escalation Security Vulnerability

cyber-security-in-internet-globe

 
 

CVE-2014-8489 Ping Identity Corporation “PingFederate 6.10.1 SP Endpoints” Dest Redirect Privilege Escalation Security Vulnerability

 

Exploit Title: “Ping Identity Corporation” “PingFederate 6.10.1 SP Endpoints” Dest Redirect Privilege Escalation Security Vulnerability
Product: PingFederate 6.10.1 SP Endpoints
Vendor: Ping Identity Corporation
Vulnerable Versions: 6.10.1
Tested Version: 6.10.1
Advisory Publication: Dec 09, 2014
Latest Update: Dec 09, 2014
Vulnerability Type: URL Redirection to Untrusted Site  [CWE-601]
CVE Reference: CVE-2014-8489
CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:P/A:N) (legend)
Impact Subscore: 4.9
Exploitability Subscore: 10.0
Credit: Wang Jing [SPMS, Nanyang Technological University (NTU), Singapore]

 

Advisory Details

 

(1) Product:
“PingFederate is a best-of-breed Internet-identity security platform that implements multiple standards-based protocols to provide cross-domain single sign-on (SSO) and user-attribute exchange, as well as support for identity-enabled Web Services and cross-domain user provisioning.”

 

(2) Vulnerability Details:
PingFederate 6.10.1 SP Endpoints is vulnerable to Dest Redirect Privilege Escalation attacks.
The security vulnerability occurs at “/startSSO.ping?” page with “&TargetResource” parameter.

 

References:
http://cve.scap.org.cn/CVE-2014-8489.html
http://www.cnvd.org.cn/flaw/show/CNVD-2014-09100
http://tetraph.com/security/open-redirect/cve-2014-8489-ping-identity-corporation-pingfederate-6-10-1-sp-endpoints-dest-redirect-privilege-escalation-security-vulnerability/
https://www.pingidentity.com/en/blog/2014/12/10/response_to_cve-2014-8489_pingfederate_6101_sp_endpoints.html
http://marc.info/?l=full-disclosure&m=141815926328949&w=4
http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1302
http://seclists.org/fulldisclosure/2014/Dec/35
http://packetstormsecurity.com/files/129454/PingFederate-6.10.1-SP-Endpoints-Open-Redirect.html
http://www.osvdb.org/show/osvdb/115651
http://www.tetraph.com/blog/open-redirect/cve-2014-8489-ping-identity-corporation-pingfederate-6-10-1-sp-endpoints-dest-redirect-privilege-escalation-security-vulnerability/
http://mathswift.blogspot.com/2014/12/cve-2014-8489-ping-identity-corporation.html

 

Leave a comment

你的電子郵件位址並不會被公開。 必要欄位標記為 *

你可以使用這些 HTML 標籤與屬性: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>