Lucene search

[email protected]CVE-2014-8670

HistoryNov 06, 2014 - 3:55 p.m.

CVE-2014-8670

2014-11-0615:55:14

[email protected]

web.nvd.nist.gov

vbulletin

open redirect

cve-2014-8670

phishing

security vulnerability

6.9 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

71.5%

JSON

Open redirect vulnerability in go.php in vBulletin 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.

Affected configurations

NVD

Node

vbulletinvbulletinMatch4.2.1

CPENameOperatorVersion
vbulletin:vbulletinvbulletineq4.2.1

CPE	Name	Operator	Version
vbulletin:vbulletin	vbulletin	eq	4.2.1

References

packetstormsecurity.com/files/128958/vBulletin-4.2.1-Open-Redirect.html

www.securityfocus.com/bid/70906

exchange.xforce.ibmcloud.com/vulnerabilities/98476

6.9 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

71.5%

JSON

Related for CVE-2014-8670

nvd1 prion1 cvelist1