exploitDog

GHSA-5pp8-66vq-8jgr

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0_R2_tanggula.

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0_R2_tanggula.

Ссылки

EPSS

Процентиль: 51%

0.00278

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-601

Связанные уязвимости

CVE-2017-3810

CVSS3: 5.4

nvd

около 9 лет назад

A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0_R2_tanggula.

EPSS

Процентиль: 51%

0.00278

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-601