5.8
CVE-2012-5647
- EPSS 1.47%
- Veröffentlicht 24.02.2013 21:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Openshift Origin Version <= 1.0.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.47% | 0.705 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://rhn.redhat.com/errata/RHSA-2013-0148.html
http://www.securityfocus.com/bid/57189
https://github.com/openshift/origin-server/commit/32564a0839b1517d762afab2013c26c0959bac00
https://github.com/openshift/origin-server/pull/1017
http://www.osvdb.org/89430
https://bugzilla.redhat.com/show_bug.cgi?id=888523