CVE-2012-3540 : Horizon, Open redirect through ‘next’ parameter

Posted on by

OpenStack Security Advisory: 2012-012
CVE: CVE-2012-3540
Date: August 30, 2012
Title: Open redirect through ‘next’ parameter
Impact: Medium
Reporter: Thomas Biege (SUSE)
Products: Horizon
Affects: Essex (2012.1)

Description:
Thomas Biege from SUSE reported a vulnerability in Horizon
authentication mechanism. By adding a malicious ‘next’ parameter to a
Horizon authentication URL and enticing an unsuspecting user to follow
it, the victim might get redirected after authentication to a
malicious site where useful information could be extracted. Only
setups running Essex are affected.

Fixes:

References:

Notes:
This fix will be included in a future Essex (2012.1) release.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>