5.8
CVE-2015-0697
- EPSS 0.21%
- Veröffentlicht 15.04.2015 10:59:03
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
LoginOpen redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuq94980.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Telepresence Tc Software Version6.0.0
Cisco ≫ Telepresence Tc Software Version6.0.0-cucm
Cisco ≫ Telepresence Tc Software Version6.0.1
Cisco ≫ Telepresence Tc Software Version6.0.1-cucm
Cisco ≫ Telepresence Tc Software Version6.0.2
Cisco ≫ Telepresence Tc Software Version6.0_base
Cisco ≫ Telepresence Tc Software Version6.1.0
Cisco ≫ Telepresence Tc Software Version6.1.0-cucm
Cisco ≫ Telepresence Tc Software Version6.1.1
Cisco ≫ Telepresence Tc Software Version6.1.1-cucm
Cisco ≫ Telepresence Tc Software Version6.1.2
Cisco ≫ Telepresence Tc Software Version6.1.2-cucm
Cisco ≫ Telepresence Tc Software Version6.1_base
Cisco ≫ Telepresence Tc Software Version6.3_base
Cisco ≫ Telepresence Tc Software Version7.2_base
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.431 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.