CVE-2013-3511

2013-05-0810:00:00

mitre

www.cve.org

open redirect vulnerability

nedi component

groundwork monitor enterprise 6.7.0

remote attackers

phishing attacks

AI Score

6.7

Confidence

Low

EPSS

0.003

Percentile

66.3%

JSON

Open redirect vulnerability in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

References

www.kb.cert.org/vuls/id/345260

kb.groundworkopensource.com/display/SUPPORT/SA6.7.0-1+Some+web+components+allow+bypass+of+role+access+controls

www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130308-1_GroundWork_Monitoring_Multiple_high_risk_vulnerabilities_part2_wo_poc_v10.txt