6.1
CVE-2022-26326
- EPSS 0.13%
- Veröffentlicht 02.05.2022 19:15:09
- Zuletzt bearbeitet 21.11.2024 06:53:45
- Quelle security@opentext.com
- CVE-Watchlists
- Unerledigt
LoginPotential open redirection vulnerability in NetIQ Access Manager versions prior to version 5.0.2
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microfocus ≫ Netiq Access Manager Version < 5.0.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.336 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 2.8 | 2.7 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
| security@opentext.com | 4 | 0.3 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
|
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.