CVE-2023-4964

Опубликовано: 30 окт. 2023

Источник: nvd

CVSS3: 8.2

CVSS3: 6.1

EPSS Низкий

Описание

Potential open redirect vulnerability in opentext Service Management Automation X (SMAX) versions 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11 and opentext Asset Management X (AMX) versions 2021.08, 2021.11, 2022.05, 2022.11. The vulnerability could allow attackers to redirect a user to malicious websites.

Ссылки

https://portal.microfocus.com/s/article/KM000022703?language=en_US
Vendor Advisory
https://portal.microfocus.com/s/article/KM000022703?language=en_US
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microfocus:asset_management_x:2021.08:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:asset_management_x:2021.11:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:asset_management_x:2022.05:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:asset_management_x:2022.11:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:service_management_automation_x:2020.05:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:service_management_automation_x:2020.08:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:service_management_automation_x:2020.11:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:service_management_automation_x:2021.02:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:service_management_automation_x:2021.05:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:service_management_automation_x:2021.08:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:service_management_automation_x:2021.11:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:service_management_automation_x:2022.05:*:*:*:*:*:*:*

cpe:2.3:a:microfocus:service_management_automation_x:2022.11:*:*:*:*:*:*:*

EPSS

Процентиль: 21%

0.00069

Низкий

8.2 High

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-601

Связанные уязвимости

GHSA-c449-rxg5-mv8h

CVSS3: 8.2

github

больше 2 лет назад

EPSS

Процентиль: 21%

0.00069

Низкий

8.2 High

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-601