Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-1500

Опубликовано: 04 нояб. 2021
Источник: nvd
CVSS3: 5.4
CVSS3: 6.1
CVSS2: 5.8
EPSS Низкий

Описание

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. Attackers may use this type of vulnerability, known as an open redirect attack, as part of a phishing attack to persuade users to unknowingly visit malicious sites.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:collaboration_meeting_rooms:2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_video_mesh:*:*:*:*:*:*:*:*
Версия до 2021.10.18.2439m (исключая)

EPSS

Процентиль: 40%
0.00183
Низкий

5.4 Medium

CVSS3

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601
CWE-601

Связанные уязвимости

github логотип

GHSA-hhx6-gmw8-x326

github
больше 3 лет назад

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website. Attackers may use this type of vulnerability, known as an open redirect attack, as part of a phishing attack to persuade users to unknowingly visit malicious sites.

fstec логотип

BDU:2021-05541

CVSS3: 6.1
fstec
больше 4 лет назад

Уязвимость веб-интерфейса управления программного средства обмена медиаданными Cisco Webex Video Mesh, позволяющая нарушителю перенаправить пользователя на вредоносную веб-страницу

EPSS

Процентиль: 40%
0.00183
Низкий

5.4 Medium

CVSS3

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601
CWE-601