CVE-2021-22873 — MEDIUM (6.1)

Q: How severe is CVE-2021-22873?

CVE-2021-22873 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-22873?

Check the references section above for vendor advisories and patch information. Affected products include: Revive-Adserver Revive Adserver.

Vulnerability Description

Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been available by design to allow third party ad servers to track such metrics when delivering ads. However, third party click tracking via redirects is not a viable option anymore, leading to such open redirect functionality being removed and reclassified as a vulnerability.

CVSS Score

6.1

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Revive-Adserver	Revive Adserver	< 5.1.0

Related Weaknesses (CWE)

CWE-601

References

http://packetstormsecurity.com/files/161070/Revive-Adserver-5.0.5-Cross-Site-ScrThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2021/Jan/60Broken LinkMailing ListThird Party Advisory
https://github.com/revive-adserver/revive-adserver/issues/1068Issue TrackingThird Party Advisory
https://hackerone.com/reports/1081406ExploitThird Party Advisory
https://www.revive-adserver.com/security/revive-sa-2021-001/Vendor Advisory
http://packetstormsecurity.com/files/161070/Revive-Adserver-5.0.5-Cross-Site-ScrThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2021/Jan/60Broken LinkMailing ListThird Party Advisory
https://github.com/revive-adserver/revive-adserver/issues/1068Issue TrackingThird Party Advisory
https://hackerone.com/reports/1081406ExploitThird Party Advisory
https://www.revive-adserver.com/security/revive-sa-2021-001/Vendor Advisory

FAQ

What is CVE-2021-22873?

CVE-2021-22873 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Revive Adserver before 5.1.0 is vulnerable to open redirects via the `dest`, `oadest`, and/or `ct0` parameters of the lg.php and ck.php delivery scripts. Such open redirects had previously been availa...

How severe is CVE-2021-22873?

CVE-2021-22873 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-22873?

Check the references section above for vendor advisories and patch information. Affected products include: Revive-Adserver Revive Adserver.