PT-2017-12202 · Thycotic · Thycotic Secret Server

Published

2017-07-29

·

Updated

2017-08-09

·

CVE-2017-11725

CVSS v2.0

5.8

Medium

VectorAV:N/AC:M/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions Thycotic Secret Server versions prior to 10.2.000019
Description The issue arises from the share function in Thycotic Secret Server mishandling the Back Button, resulting in unintended redirections.
Recommendations For versions prior to 10.2.000019, update to version 10.2.000019 or later to resolve the issue.

Fix

Open Redirect

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-601

Related Identifiers

CVE-2017-11725

Affected Products

Thycotic Secret Server