Lucene search

MitreCVE-2013-3511

HistoryMay 08, 2013 - 12:09 p.m.

CVE-2013-3511

2013-05-0812:09:34

CWE-20

mitre

web.nvd.nist.gov

cve-2013-3511

open redirect vulnerability

nedi component

groundwork monitor enterprise 6.7.0

remote attackers

phishing attacks

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.9

Confidence

Low

EPSS

0.003

Percentile

66.3%

JSON

Open redirect vulnerability in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected configurations

Nvd

Node

gwosgroundwork_monitorMatch6.7.0-enterprise

VendorProductVersionCPE
gwosgroundwork_monitor6.7.0cpe:2.3:a:gwos:groundwork_monitor:6.7.0:-:enterprise:*:*:*:*:*

Vendor	Product	Version	CPE
gwos	groundwork_monitor	6.7.0	cpe:2.3:a:gwos:groundwork_monitor:6.7.0:-:enterprise:::::*

References

www.kb.cert.org/vuls/id/345260

kb.groundworkopensource.com/display/SUPPORT/SA6.7.0-1+Some+web+components+allow+bypass+of+role+access+controls

www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130308-1_GroundWork_Monitoring_Multiple_high_risk_vulnerabilities_part2_wo_poc_v10.txt

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.9

Confidence

Low

EPSS

0.003

Percentile

66.3%

JSON

Related for CVE-2013-3511