Lucene search

K
cve[email protected]CVE-2022-43479
HistoryDec 05, 2022 - 4:15 a.m.

CVE-2022-43479

2022-12-0504:15:10
CWE-601
web.nvd.nist.gov
20
cve-2022-43479
open redirect
shirasagi
vulnerability
remote attacker
phishing attack

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.002 Low

EPSS

Percentile

59.1%

Open redirect vulnerability in SHIRASAGI v1.14.4 to v1.15.0 allows a remote unauthenticated attacker to redirect users to an arbitrary web site and conduct a phishing attack.

Affected configurations

Vulners
NVD
Node
shirasagi_projectshirasagiRange1.14.41.15.0

CNA Affected

[
  {
    "vendor": "SHIRASAGI Project",
    "product": "SHIRASAGI",
    "versions": [
      {
        "version": "v1.14.4 to v1.15.0",
        "status": "affected"
      }
    ]
  }
]

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.002 Low

EPSS

Percentile

59.1%

Related for CVE-2022-43479