CVE-2013-2764

Опубликовано: 28 янв. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 5.8

EPSS Низкий

Описание

Secure Entry Server before 4.7.0 contains a URI Redirection vulnerability which could allow remote attackers to conduct phishing attacks due to HSP_AbsoluteRedirects being disabled by default.

Ссылки

http://www.securityfocus.com/bid/64422
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/89853
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/64422
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/89853
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:united-security-providers:secure_entry_server:*:*:*:*:*:*:*:*

Версия до 4.7.0 (исключая)

EPSS

Процентиль: 53%

0.00298

Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601

Связанные уязвимости

GHSA-f6x8-vgv3-9v7r

github

почти 4 года назад