CVE-2017-5571
Summary
| CVE | CVE-2017-5571 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-03-03 15:59:00 UTC |
| Updated | 2018-05-30 01:29:00 UTC |
| Description | Open redirect vulnerability in the lmadmin component in Flexera FlexNet Publisher (aka Flex License Manager) 11.14.1 and earlier, as used in Citrix License Server for Windows and the Citrix License Server VPX, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
Risk And Classification
Problem Types: CWE-601
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Flexerasoftware | Flexnet Publisher | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Citrix License Server for Windows and License Server VPX CVE-2017-5571 Open Redirect Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE-2017-5571 - Open Redirect Vulnerability in Citrix License Server for Windows and Citrix License Server VPX | CONFIRM | support.citrix.com | Third Party Advisory |
| Schneider Electric Floating License Manager | CISA | MISC | ics-cert.us-cert.gov | |
| Security Notification – PlantStruxure PES | Schneider Electric | CONFIRM | www.schneider-electric.com | |
| Security Notification-EcoStruxure Modicon Builder | Schneider Electric | CONFIRM | www.schneider-electric.com | |
| AVEVA Global Customer Support - Login | CONFIRM | www.citect.schneider-electric.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 590723 Schneider Electric Floating License Manager for CitectSCADA,CitectHistorian and Citect Anywhere Multiple Vulnerabilities (ICSA-18-144-01)