Lucene search

[email protected]CVE-2015-5354

HistoryJul 01, 2015 - 4:59 p.m.

CVE-2015-5354

2015-07-0116:59:01

CWE-601

[email protected]

web.nvd.nist.gov

cve-2015-5354

open redirect vulnerability

novius os 5.0.1

remote attack

phishing

nvd

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.5%

JSON

Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login.

Affected configurations

NVD

Node

novius-osnovius_osMatch5.0.1

CPENameOperatorVersion
novius-os:novius_osnovius-os novius oseq5.0.1

CPE	Name	Operator	Version
novius-os:novius_os	novius-os novius os	eq	5.0.1

References

hyp3rlinx.altervista.org/advisories/AS-NOVIUSOS0629.txt

packetstormsecurity.com/files/132478/Novius-OS-5.0.1-elche-XSS-LFI-Open-Redirect.html

www.securityfocus.com/archive/1/535876/100/0/threaded

www.exploit-db.com/exploits/37439/

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.5%

JSON

Related for CVE-2015-5354

nuclei1 prion1 cvelist1 nvd1 packetstorm1