Lucene search

[email protected]NVD:CVE-2023-50704

HistoryDec 20, 2023 - 12:15 a.m.

CVE-2023-50704

2023-12-2000:15:09

CWE-601

[email protected]

web.nvd.nist.gov

cve-2023-50704

application url

redirection

arbitrary

external domain

phishing

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

17.1%

JSON

An attacker could construct a URL within the application that causes a redirection to an arbitrary external domain and could be leveraged to facilitate phishing attacks against application users.

Affected configurations

NVD

Node

efacecuc_500e_firmwareMatch10.1.0

AND

efacecuc_500eMatch-

References

www.cisa.gov/news-events/ics-advisories/icsa-23-353-03

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for NVD:CVE-2023-50704

cve1 prion1 cvelist1 ics1