6.1
CVE-2021-22526
- EPSS 0.14%
- Veröffentlicht 13.09.2021 12:15:09
- Zuletzt bearbeitet 21.11.2024 05:50:16
- Quelle security@opentext.com
- CVE-Watchlists
- Unerledigt
LoginOpen Redirection vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1
Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microfocus ≫ Access Manager Version >= 4.5.0 < 4.5.4
Microfocus ≫ Access Manager Version >= 5.0 < 5.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.312 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 2.8 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
| security@opentext.com | 4.9 | 1.8 | 2.7 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
|
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.