exploitDog

CVE-2015-0706

Опубликовано: 23 апр. 2015

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted HTTP header, aka Bug IDs CSCut06060, CSCut06056, and CSCus98966.

Комментарий

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

Ссылки

http://tools.cisco.com/security/center/viewAlert.x?alertId=38486
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=38486
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:firesight_system_software:5.3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:cisco:firesight_system_software:5.3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.00062

Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-p9cg-9qh9-4f4v

github

больше 3 лет назад

Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSIGHT Management Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted HTTP header, aka Bug IDs CSCut06060, CSCut06056, and CSCus98966.

EPSS

Процентиль: 19%

0.00062

Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-Other