[Details of vulnerability]
An open redirect vulnerability exists in the logout process that could allow redirection to an arbitrary website when a specially crafted URL is accessed.
As a result, users may be exposed to attacks such as phishing.
The redirect is performed as soon as the URL is accessed, regardless of whether the accessing client is logged in, so the flaw is easy to use in an attack.
Note that this vulnerability was disclosed as JVN#68340046 (open redirect vulnerability in intra-mart) on May 8, 2014.
Please also refer to the IPA explanation below.
https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000044.html
Target Products
intra-mart WebPlatform / AppFramework Ver 6.0
intra-mart WebPlatform / AppFramework Ver 6.1
intra-mart WebPlatform / AppFramework Ver 7.0
intra-mart WebPlatform / AppFramework Ver 7.1
intra-mart WebPlatform / AppFramework Ver 7.2
Customers using the above products must implement the following measures without exception.
*This vulnerability does not exist in intra-mart Accel Platform or in BaseModule/Framework Ver5.1 or earlier, so the measures above do not apply to those products.
[Handling method]
intra-mart WebPlatform / AppFramework Ver7.2
This issue is already addressed in Ver7.2.7, released on April 11.
Customers who cannot apply Ver7.2.7 should apply the following individual module.
Individual modules can be applied regardless of the current patch application status.
http://newsupport.intra-mart.jp/patch/download/patch_info.php?patch_cd=1199 (Japanese)
intra-mart WebPlatform / AppFramework Ver7.1~Ver6.0
Please apply the following individual modules.
Individual modules can be applied regardless of the patch application status.
For Ver.6.0: http://newsupport.intra-mart.jp/patch/download/patch_info.php?patch_cd=1195 (Japanese)
For Ver.6.1: http://newsupport.intra-mart.jp/patch/download/patch_info.php?patch_cd=1196 (Japanese)
For Ver.7.0: http://newsupport.intra-mart.jp/patch/download/patch_info.php?patch_cd=1197 (Japanese)
For Ver.7.1: http://newsupport.intra-mart.jp/patch/download/patch_info.php?patch_cd=1198 (Japanese)
[Impact range]
This modification adds a check to the intra-mart logout process so that redirection is permitted only to the URLs defined in a configuration file newly provided by this patch.
No other changes have been made, so the patch will not affect your current system unless you have customized the logout process.
For environments in which the logout process is customized, please consider applying this patch after sufficient verification.
[Target requirements]
The applicable requirements listed in this FAQ are as follows.
Requirement 25366 Vulnerability in parameter "im_initial_url"
In addition, the following requirements also apply to customers using Ver.7.2.2 or earlier, or Ver.7.1.4 or earlier.
Requirement 13466 XSS vulnerability in logoutServlet (addressed in Ver.7.2.3)
Requirement 13467 XSS vulnerability in logoutServlet (addressed in Ver.7.1.5)
For detailed requirements, please refer to the bug information list on the customer support website.
https://issue.intra-mart.jp/projects/iwp/issues
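As an added illustration (not intra-mart's own code), the following Python sketch contrasts the pre-patch behaviour described under [Impact range], where the client-supplied "im_initial_url" parameter named under [Target requirements] is used directly as the logout redirect target, with the configuration-file allowlist check the patch introduces. The configuration format, function names and sample URLs are assumptions.

```python
"""Allowlist check for a post-logout redirect target (added example)."""
from typing import Dict, Optional
from urllib.parse import urlsplit, urlunsplit

# Constructed stand-in for the configuration file the patch introduces:
# only these URLs may be used as logout redirect targets.
ALLOWED_LOGOUT_URLS = [
    "https://portal.example.com/imart/login",
    "https://portal.example.com/",
]
DEFAULT_LOGOUT_URL = ALLOWED_LOGOUT_URLS[0]
DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize(url: str) -> Optional[str]:
    """Return a canonical absolute http(s) URL, or None if it is not one."""
    if "\\" in url:            # browsers may treat '\' as '/', so refuse it
        return None
    try:
        parts = urlsplit(url.strip())
        port = parts.port      # raises ValueError on a malformed port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return None            # relative, scheme-relative or non-http URL
    if "@" in parts.netloc:    # userinfo can disguise the real host
        return None
    host = parts.hostname.lower()
    if port and port != DEFAULT_PORTS[scheme]:
        host = f"{host}:{port}"
    return urlunsplit((scheme, host, parts.path or "/", parts.query, ""))


ALLOWED_NORMALIZED = {n for n in map(normalize, ALLOWED_LOGOUT_URLS) if n}


def logout_redirect_unchecked(params: Dict[str, str]) -> str:
    """Pre-patch behaviour: the client-supplied value is used as-is."""
    return params.get("im_initial_url", DEFAULT_LOGOUT_URL)


def logout_redirect(params: Dict[str, str]) -> str:
    """Patched behaviour: redirect only to a configured URL, else default."""
    requested = params.get("im_initial_url")
    if requested is None:
        return DEFAULT_LOGOUT_URL
    target = normalize(requested)
    if target in ALLOWED_NORMALIZED:
        return target
    return DEFAULT_LOGOUT_URL
```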
Target: iWP/Web System Construction Platform/WebPlatform/AppFramework
FAQID: 389