cnvd-2018-04328
Vulnerability from cnvd
Title
Japan Total System GroupSession开放重定向漏洞
Description
Japan Total System GroupSession是日本Japan Total System(JTS)公司的一个群件项目,以方便企业和组织的沟通,旨在促进信息共享。 Japan Total System GroupSession 4.7.0及之前版本中存在开放重定向漏洞。攻击者可利用该漏洞将用户重定向到任意网站,实施钓鱼攻击。
Severity
Patch Name
Japan Total System GroupSession开放重定向漏洞的补丁
Patch Description
Japan Total System GroupSession是日本Japan Total System(JTS)公司的一个群件项目,以方便企业和组织的沟通,旨在促进信息共享。 Japan Total System GroupSession 4.7.0及之前版本中存在开放重定向漏洞。攻击者可利用该漏洞将用户重定向到任意网站,实施钓鱼攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

目前厂商已发布升级补丁以修复漏洞,详情请关注厂商主页: https://groupsession.jp/

Reference
http://jvn.jp/en/jp/JVN26200083/
Impacted products
Name
Japan Total System Co.,Ltd. GroupSession <=4.7.0
Show details on source website

To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2166"
    }
  },
  "description": "Japan Total System GroupSession\u662f\u65e5\u672cJapan Total System\uff08JTS\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7fa4\u4ef6\u9879\u76ee\uff0c\u4ee5\u65b9\u4fbf\u4f01\u4e1a\u548c\u7ec4\u7ec7\u7684\u6c9f\u901a\uff0c\u65e8\u5728\u4fc3\u8fdb\u4fe1\u606f\u5171\u4eab\u3002\r\n\r\nJapan Total System GroupSession 4.7.0\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u4efb\u610f\u7f51\u7ad9\uff0c\u5b9e\u65bd\u9493\u9c7c\u653b\u51fb\u3002",
  "discovererName": "Norihiko Hirukawa",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://groupsession.jp/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-04328",
  "openTime": "2018-03-06",
  "patchDescription": "Japan Total System GroupSession\u662f\u65e5\u672cJapan Total System\uff08JTS\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u7fa4\u4ef6\u9879\u76ee\uff0c\u4ee5\u65b9\u4fbf\u4f01\u4e1a\u548c\u7ec4\u7ec7\u7684\u6c9f\u901a\uff0c\u65e8\u5728\u4fc3\u8fdb\u4fe1\u606f\u5171\u4eab\u3002\r\n\r\nJapan Total System GroupSession 4.7.0\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u5230\u4efb\u610f\u7f51\u7ad9\uff0c\u5b9e\u65bd\u9493\u9c7c\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Japan Total System GroupSession\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Japan Total System Co.,Ltd. GroupSession \u003c=4.7.0"
  },
  "referenceLink": "http://jvn.jp/en/jp/JVN26200083/",
  "serverity": "\u4e2d",
  "submitTime": "2018-01-22",
  "title": "Japan Total System GroupSession\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.