CVE-2012-5647

Exploit

EPSS 0.48%
Veröffentlicht 24.02.2013 21:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Redhat ≫ Openshift Version1.0 Update- Editionenterprise

Redhat ≫ Openshift Origin Version <= 1.0.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.48%	0.62

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://rhn.redhat.com/errata/RHSA-2013-0148.html

http://www.securityfocus.com/bid/57189

https://github.com/openshift/origin-server/commit/32564a0839b1517d762afab2013c26c0959bac00

Patch

Exploit

https://github.com/openshift/origin-server/pull/1017

http://www.osvdb.org/89430

https://bugzilla.redhat.com/show_bug.cgi?id=888523

https://nvd.nist.gov/vuln/detail/CVE-2012-5647

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-5647

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-5647

EUVD