CVE-2019-14223
Published 2019-09-06
CVE-2019-14223: An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect…
Priority: P179 · medium 6.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
ITW EXPLOIT · VulnCheck KEV · Exploited in the wild
EPSS: 4.47% (90.3rd percentile)
An issue was discovered in Alfresco Community Edition versions below 5.2.6, 6.0.N and 6.1.N. The Alfresco Share application is vulnerable to an Open Redirect attack via a crafted POST request. By manipulating the POST parameters, an attacker can redirect a victim to a malicious website over any protocol the attacker desires (e.g., http, https, ftp, smb, etc.).
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alfresco | alfresco | < 5.2.6 | 5.2.6 |
| alfresco | alfresco | — | — |
| alfresco | alfresco | — | — |
Detection & IOCs (extracted from sources)
- Detect exploit attempts by monitoring POST requests to /share/page/dologin where the 'failure' parameter contains a backslash or an external domain (e.g., :\<domain>), indicating an open redirect payload.
- The exploit uses Content-Type: application/x-www-form-urlencoded in the POST request to /share/page/dologin; correlate this with anomalous 'failure' parameter values pointing to external hosts.
- Affected versions are Alfresco Community Edition below 5.2.6, 6.0.N, and 6.1.N. Detection rules should be scoped to these versions to reduce false positives.
- The open redirect can abuse any protocol (http, https, ftp, smb, etc.) via the 'failure' POST parameter, so detection logic must not be limited to HTTP/HTTPS redirect schemes.
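The four detection notes above, turned into runnable detection logic. This is an added example written for this page; it is not code from Alfresco, VulnCheck or the Nuclei project. The request-log format (a proxy or WAF log that records the decoded POST body), the trusted hostname, the IP addresses and every sample value are constructed assumptions.

```python
"""Flag Alfresco Share login POSTs whose 'failure' parameter could send the browser off-site.

Added example (not Alfresco/VulnCheck/Nuclei code). The log format, trusted host and
sample records below are constructed for illustration.
"""
import re
from dataclasses import dataclass
from urllib.parse import parse_qs, urlsplit

# Hostnames that are legitimate redirect targets for this deployment (assumed value).
TRUSTED_HOSTS = {"share.example.internal"}

# Constructed log format: "<ts> <src> "<method> <path> HTTP/x" ct="<content-type>" body="<decoded body>""
LOG_RE = re.compile(
    r'^(?P<ts>\S+) (?P<src>\S+) "(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" '
    r'ct="(?P<ctype>[^"]*)" body="(?P<body>[^"]*)"$'
)

LOGIN_PATH = "/share/page/dologin"


@dataclass
class Finding:
    ts: str
    src: str
    failure: str


def is_suspicious_failure(value: str, trusted_hosts=TRUSTED_HOSTS) -> bool:
    """Return True when a 'failure' value is not a plain in-app path.

    Per the detection notes: any backslash, a scheme-relative '//host' prefix,
    or an explicit scheme (http, https, ftp, smb, ...) whose host is not trusted.
    The scheme check is deliberately not limited to http/https.
    """
    v = value.strip()
    if "\\" in v:          # e.g. ":\<domain>" style payload
        return True
    if v.startswith("//"):  # scheme-relative URL resolves to another host
        return True
    parts = urlsplit(v)
    if parts.scheme:        # absolute URL of any scheme
        return (
            parts.scheme.lower() not in ("http", "https")
            or parts.netloc.lower() not in trusted_hosts
        )
    return False            # relative path inside the application


def scan_log(lines):
    """Return a Finding for each form-encoded POST to the login endpoint with a suspicious 'failure'."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?", 1)[0] != LOGIN_PATH:
            continue
        if not m["ctype"].lower().startswith("application/x-www-form-urlencoded"):
            continue
        params = parse_qs(m["body"])
        for value in params.get("failure", []):
            if is_suspicious_failure(value):
                findings.append(Finding(m["ts"], m["src"], value))
    return findings


# Constructed sample records: one benign login, three suspicious ones, one non-POST.
SAMPLE_LOG = [
    '2024-01-22T10:00:01Z 10.0.0.5 "POST /share/page/dologin HTTP/1.1" ct="application/x-www-form-urlencoded" '
    'body="username=alice&password=REDACTED&success=/share/page/user/alice/dashboard&failure=/share/page/type/login?error=true"',
    '2024-01-22T10:00:07Z 203.0.113.9 "POST /share/page/dologin HTTP/1.1" ct="application/x-www-form-urlencoded" '
    'body="username=x&password=x&success=/share/page&failure=https://attacker.example/login"',
    '2024-01-22T10:00:09Z 203.0.113.9 "POST /share/page/dologin HTTP/1.1" ct="application/x-www-form-urlencoded" '
    'body="username=x&password=x&success=/share/page&failure=smb://attacker.example/share"',
    '2024-01-22T10:00:12Z 203.0.113.9 "POST /share/page/dologin HTTP/1.1" ct="application/x-www-form-urlencoded" '
    'body="username=x&password=x&success=/share/page&failure=:\\attacker.example"',
    '2024-01-22T10:00:15Z 10.0.0.7 "GET /share/page/dologin HTTP/1.1" ct="" body=""',
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f.ts} {f.src} suspicious failure={f.failure!r}")
```

The scheme branch is what keeps the rule honest about the last note: an `smb://` or `ftp://` target is flagged the same way as an `https://` one. Scope the rule to hosts still running versions below 5.2.6, 6.0.N or 6.1.N, as the third note says, before treating hits as exploitation rather than scanner noise.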
CVSS provenance
- NVD v3.1: 6.1 MEDIUM (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
- NVD v2.0: 5.8 MEDIUM (AV:N/AC:M/Au:N/C:P/I:P/A:N)
- VulnCheck: 6.1 MEDIUM
GHSA
GHSA-r489-wv9g-p54f: An issue was discovered in Alfresco Community Edition versions below 5
ghsa_unreviewed · 2022-05-24 · CVE-2019-14223 [MEDIUM]
VulnCheck
alfresco alfresco URL Redirection to Untrusted Site ('Open Redirect')
vulncheck · 2019 · CVSS 6.1 · CVE-2019-14223 [MEDIUM]
Affected: alfresco alfresco
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-01-22&host_type=src&vulnerability=cve-2019-14223; https://dashboard.shad
No detection rules found.
Nuclei
Alfresco Share - Open Redirect
nuclei · CVSS 6.1 · CVE-2019-14223 [MEDIUM]
Alfresco Share before 5.2.6, 6.0.N and 6.1.N contains an open redirect vulnerability via a crafted POST request. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
Template:

```yaml
id: CVE-2019-14223

info:
  name: Alfresco Share - Open Redirect
  author: pdteam
  severity: medium
  description: Alfresco Share before 5.2.6, 6.0.N and 6.1.N contains an open redirect vulnerability via a crafted POST request. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  impact: |
    An attacker can trick users into visiting a malicious website, leading to potential phishing attacks or the disclosu
```
No writeups or analysis indexed.
References:
- https://community.alfresco.com/content?filterID=all~objecttype~thread%5Bquestions%5D
- https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-14223-Open%20Redirect%20in%20Alfresco%20Share-Alfresco%20Community