CVE-2023-41699

Summary

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro and Embedded (Servlet Implementation modules) allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.46, from 6.0.0 before 6.8.0, from 6.2023.1 before 6.2023.11.

Affected Software

VendorProductVersion RangeStatus
Payara PlatformPayara Server, Micro and Embedded5.0.0 < 5.57.0affected
Payara PlatformPayara Server, Micro and Embedded4.1.2.191 < 4.1.2.191.46affected
Payara PlatformPayara Server, Micro and Embedded6.0.0 < 6.8.0affected
Payara PlatformPayara Server, Micro and Embedded6.2023.1 < 6.2023.11affected

Weaknesses

  • CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References