CVE-2024-8527 | THREATINT

Description

Open Redirect in URL parameter in Automated Logic WebCTRL and Carrier i-Vu versions 6.0, 6.5, 7.0, 8.0, 8.5, 9.0 may allow attackers to exploit user sessions.

PUBLISHED Reserved 2024-09-06 | Published 2025-11-19 | Updated 2025-11-19 | Assigner Carrier

HIGH: 8.6CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Problem types

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

Product status

Default status

unaffected

6.0 (semver)

affected

Default status

unaffected

6.0 (semver)

affected

Credits

Jaryl Low finder

Thuy D. Nguyen finder

Cynthia E. Irvine finder

References

www.corporate.carrier.com/...-security/advisories-resources/

cve.org (CVE-2024-8527)

nvd.nist.gov (CVE-2024-8527)

Download JSON

help @ threatint.eu