Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-34772

Опубликовано: 06 окт. 2021
Источник: nvd
CVSS3: 4.7
CVSS3: 6.1
CVSS2: 5.8
EPSS Низкий

Описание

A vulnerability in the web-based management interface of Cisco Orbital could allow an unauthenticated, remote attacker to redirect users to a malicious webpage. This vulnerability is due to improper validation of URL paths in the web-based management interface. An attacker could exploit this vulnerability by persuading a user to click a crafted URL. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability, known as an open redirect attack, is used in phishing attacks to persuade users to visit malicious sites.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:cisco:orbital:-:*:*:*:*:*:*:*

EPSS

Процентиль: 55%
0.00329
Низкий

4.7 Medium

CVSS3

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601
CWE-601

Связанные уязвимости

github логотип

GHSA-hh3g-r8wv-3jfv

github
больше 3 лет назад

A vulnerability in the web-based management interface of Cisco Orbital could allow an unauthenticated, remote attacker to redirect users to a malicious webpage. This vulnerability is due to improper validation of URL paths in the web-based management interface. An attacker could exploit this vulnerability by persuading a user to click a crafted URL. A successful exploit could allow the attacker to redirect a user to a malicious website. This vulnerability, known as an open redirect attack, is used in phishing attacks to persuade users to visit malicious sites.

fstec логотип

BDU:2022-00882

CVSS3: 4.7
fstec
больше 4 лет назад

Уязвимость веб-интерфейса управления службы защиты конечных точек Cisco Orbital, позволяющая нарушителю перенаправить пользователя на произвольный сайт

EPSS

Процентиль: 55%
0.00329
Низкий

4.7 Medium

CVSS3

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601
CWE-601