Lucene search

CVE-2023-0681

🗓️ 20 Mar 2023 20:52:15Reported by rapid7Type

cve🔗 web.nvd.nist.gov👁 43 Views🌐 WEB

Rapid7 InsightVM 6.6.178 and lower open redirect vulnerability CVE-2023-068

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2023-0681 Rapid7 Nexpose Uncontrolled URL Redirect	20 Mar 202317:26	–	cvelist
Prion	Open redirect	20 Mar 202320:15	–	prion
NVD	CVE-2023-0681	20 Mar 202320:15	–	nvd
Vulnrichment	CVE-2023-0681 Rapid7 Nexpose Uncontrolled URL Redirect	20 Mar 202317:26	–	vulnrichment

Nvd

Node

rapid7 insightvmRange<6.6.179

[
  {
    "defaultStatus": "unaffected",
    "product": "Nexpose",
    "vendor": "Rapid7",
    "versions": [
      {
        "lessThanOrEqual": "6.6.178",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
docs	www.docs.rapid7.com/release-notes/nexpose/20230208/

Parameter	Position	Path	Description	CWE
page	query param	/data/console/redirect	Open redirect vulnerability allowing attackers to redirect users to malicious sites.	CWE-601

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Mar 2023 20:15Current

5.1Medium risk

Vulners AI Score5.1

CVSS34.3 - 6.1

EPSS0.00053

SSVC

CWE-601