Home > Vulnerability Database > CVE-2024-28113

Mend.io Vulnerability Database

CVE-2024-28113

Good to know:

Date: March 12, 2024

Peering Manager is a BGP session management tool. In Peering Manager <=1.8.2, it is possible to redirect users to an arbitrary page using a crafted url. As a result users can be redirected to an unexpected location. This issue has been addressed in version 1.8.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Language: Python

Severity Score

3.5

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-28113

Url: https://github.com/peering-manager/peering-manager/security/advisories/GHSA-f4mf-5g28-q7f5

Url: https://github.com/peering-manager/peering-manager/commit/49dc5593184d7740d81e57dbbe3f971d2969dfac

Url: https://www.mend.io/vulnerability-database/CVE-2024-28113

Severity Score

3.5

Weakness Type (CWE)

URL Redirection to Untrusted Site ('Open Redirect')

CWE-601

Top Fix

Upgrade Version

Upgrade to version v1.8.3

Learn More

CVSS v3.1

Base Score:	3.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-28113

Good to know:

Date: March 12, 2024

Language: Python

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?