*CVE-2014-7294  Ex Libris Patron Directory Services (PDS) Open Redirect
Security Vulnerability*



Exploit Title: Ex Libris Patron Directory Services (PDS) Logon Page url
Parameter Open Redirect
Product: Ex Libris Patron Directory Services (PDS)
Vendor: Ex Libris
Vulnerable Versions: 2.1 and probability prior
Tested Version: 2.1
Advisory Publication: DEC 29, 2014
Latest Update: DEC 29, 2014
Vulnerability Type: Open Redirect [CWE-601]
CVE Reference: CVE-2014-7294
CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N) (legend)
Impact Subscore: 4.9
Exploitability Subscore: 8.6
Credit: Wang Jing [CCRG, Nanyang Technological University (NTU), Singapore]





*Advisory Details:*

*(1) Vendor URL:*
http://www.exlibrisgroup.org/display/CrossProductCC/PDS+OpenSSO+Integration



*Product Description:*
“Ex Libris is a leading worldwide developer and provider of
high-performance applications for libraries, information centres, and
researchers.”

“Patron Directory Services (PDS) module was provides a seamless single
sign-on (SSO) environment for all Ex Libris products. such as, Aleph,
Metalib, Primo, DigiTool, Rosetta …”

It is one of the largest library management system which used by large
numbers of universities and institutions.





*(2) Vulnerability Details:*

Ex Libris Patron Directory Services (PDS) can be exploited by Open Redirect
Attacks.


*(2.1) *The vulnerability occurs at “PDS” service’s logon page, with “&url”
parameter.






*References:*
http://tetraph.com/security/cves/cve-2014-7294-ex-libris-patron-directory-services-pds-open-redirect-security-vulnerability/
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7294







--
Wang Jing
School of Physical and Mathematical Sciences (SPMS)
Nanyang Technological University (NTU), Singapore