CVE-2015-2215

2022-10-0316:16:11

[email protected]

web.nvd.nist.gov

drupal

services

single sign-on

cve-2015-2215

nvd

security

vulnerability

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.7%

JSON

Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters.

Affected configurations

NVD

Node

services_single_sign-on_server_helper_projectservices_single_sign-on_server_helperMatch-drupal

CPENameOperatorVersion
services_single_sign-on_server_helper_project:services_single_sign-on_server_helperservices single sign-on server helper project services single sign-on server helpereq-

CPE	Name	Operator	Version
services_single_sign-on_server_helper_project:services_single_sign-on_server_helper	services single sign-on server helper project services single sign-on server helper	eq	-