Lucene search

[email protected]CVE-2011-1594

HistoryFeb 05, 2014 - 6:55 p.m.

CVE-2011-1594

2014-02-0518:55:04

CWE-20

[email protected]

web.nvd.nist.gov

open redirect

spacewalk 1.6

remote attackers

red hat network

nvd

url bounce parameter

6.8 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

65.5%

JSON

Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter.

Affected configurations

NVD

Node

redhatnetwork_satelliteMatch-

redhatspacewalkMatch1.6

CPENameOperatorVersion
redhat:network_satelliteredhat network satelliteeq-
redhat:spacewalkredhat spacewalkeq1.6

CPE	Name	Operator	Version
redhat:network_satellite	redhat network satellite	eq	-
redhat:spacewalk	redhat spacewalk	eq	1.6

References

www.redhat.com/support/errata/RHSA-2011-1299.html

bugzilla.redhat.com/show_bug.cgi?id=672167

www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.html

6.8 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

65.5%

JSON

Related for CVE-2011-1594

veracode1 prion1 nvd1 cvelist1 suse1 redhat1 nessus1