Absolute Secure Access Open-Redirect Vulnerability

Vulnerability

An open-redirect vulnerability has been identified in Absolute Secure Access versions prior to 14.10. This vulnerability allows attackers with access to the administrative console to redirect users to arbitrary URLs. The attack complexity is low, requires user participation, and no special privileges are needed. While the vulnerability has a low impact on confidentiality, integrity, and availability, it can lead to high-severity impacts on subsequent systems.

Impact

Exploitation of this vulnerability allows for open redirection, potentially leading to phishing attacks or the distribution of malware. Additionally, according to Absolute, this vulnerability could have high-severity impacts on confidentiality, integrity, and availability in subsequent systems.

Added: Oct 2, 2025, 9:20 PM

Updated: Oct 2, 2025, 9:20 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.0

exploitability

4.0

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.0

exploitability

4.0

remediation

7.7

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Absolute Secure Access Open-Redirect Vulnerability

Vulnerability

Impact

Affected Products

Absolute Secure Access

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating