GHSA-5c7g-5xj5-gpx3

Опубликовано: 13 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

Dell NetWorker, 19.11.0.3 and below versions, contain(s) an Open Redirect Vulnerability in NMC. An unauthenticated attacker with remoter access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

Ссылки

EPSS

Процентиль: 39%

0.00175

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2025-21104

Дефекты

CWE-601

Связанные уязвимости

CVE-2025-21104

CVSS3: 4.3

nvd

11 месяцев назад

Dell NetWorker, versions prior to 19.12.0.1 and versions prior to 19.11.0.4, contain(s) an Open Redirect Vulnerability in NMC. An unauthenticated attacker with remoter access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

BDU:2025-07191

CVSS3: 4.3

fstec

11 месяцев назад

Уязвимость консоли управления NetWorker Management Console, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 39%

0.00175

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2025-21104

Дефекты

CWE-601