exploitDog

CVE-2022-46288

Опубликовано: 19 дек. 2022

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.

Ссылки

https://jvn.jp/en/jp/JVN96321933/index.html
Third Party Advisory
VDB Entry
https://www.cals.jacic.or.jp/coreconso/pdf/coreconsoinfo20221215.pdf
Vendor Advisory
https://jvn.jp/en/jp/JVN96321933/index.html
Third Party Advisory
VDB Entry
https://www.cals.jacic.or.jp/coreconso/pdf/coreconsoinfo20221215.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:jacic:electronic_bidding_core_system:*:*:*:*:*:*:*:*

Версия до 6 (включая)

cpe:2.3:a:jacic:electronic_bidding_core_system:6:r4:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00243

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-601

CWE-601

Связанные уязвимости

GHSA-2fr2-x46r-5xjg

CVSS3: 6.1

github

около 3 лет назад

Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.

EPSS

Процентиль: 47%

0.00243

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-601

CWE-601