CVE-2019-5915

Опубликовано: 13 фев. 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 5.8

EPSS Низкий

Описание

Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page.

Ссылки

http://jvn.jp/en/jp/JVN43193964/index.html
Patch
Third Party Advisory
https://www.cs.themistruct.com/
Permissions Required
Third Party Advisory
https://www.osstech.co.jp/support/am2019-1-1
Patch
Vendor Advisory
http://jvn.jp/en/jp/JVN43193964/index.html
Patch
Third Party Advisory
https://www.cs.themistruct.com/
Permissions Required
Third Party Advisory
https://www.osstech.co.jp/support/am2019-1-1
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:osstech:openam:*:*:*:*:*:*:*:*

Версия от 13.0 (включая) до 13.0.0-137 (включая)

EPSS

Процентиль: 50%

0.00272

Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601

Связанные уязвимости

GHSA-r433-3rc5-gp93