Описание
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
Ссылки
- ExploitIssue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Mailing ListPatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Mailing ListPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 21.2.3 (исключая)Версия от 22.0.0 (включая) до 22.2.3 (исключая)Версия от 23.0.0 (включая) до 23.0.3 (исключая)
Одно из
cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.87982
Высокий
6.1 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-601
CWE-601
Связанные уязвимости
CVSS3: 6.1
ubuntu
почти 4 года назад
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
CVSS3: 5.7
redhat
больше 4 лет назад
A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL.
CVSS3: 6.1
debian
почти 4 года назад
A vulnerability was found in openstack-nova's console proxy, noVNC. By ...
CVSS3: 6.1
github
почти 4 года назад
Open Redirect in CPython that affects users of OpenStack Nova
EPSS
Процентиль: 99%
0.87982
Высокий
6.1 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-601
CWE-601