Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-6377

An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to redirect users to an arbitrary website via a crafted URL.

Published

2024-08-20T14:15:09.917

Last Modified

2024-08-27T08:15:05.537

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

Weaknesses

Type: Secondary
CWE-601
Type: Primary
CWE-601

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	3ds	3dexperience	≤ r2024x	Yes

References

https://www.3ds.com/vulnerability/advisories Vendor Advisory ([email protected])