CVE-2024-25657

Name of the Vulnerable Software and Affected Versions AVSystem Unified Management Platform (UMP) version 23.07.0.16567~LTS

Description An open redirect in the Login/Logout functionality of web management could allow attackers to redirect authenticated users to malicious websites.

Recommendations For AVSystem Unified Management Platform (UMP) version 23.07.0.16567~LTS, consider restricting access to the Login/Logout functionality until a patch is available. As a temporary workaround, avoid using the web management interface for login and logout operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.