Описание
A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0_R2_tanggula.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:cisco:prime_service_catalog:10.0\(r2\)_base:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00278
Низкий
5.4 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 5.4
github
больше 3 лет назад
A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0_R2_tanggula.
EPSS
Процентиль: 51%
0.00278
Низкий
5.4 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-601