ID CVE-2015-5354
Summary Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login. <a href="http://cwe.mitre.org/data/definitions/601.html" rel="nofollow">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>
References
Vulnerable Configurations
  • cpe:2.3:a:novius-os:novius_os:5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:novius-os:novius_os:5.0.1:*:*:*:*:*:*:*
CVSS
Base: 5.8 (as of 13-03-2019 - 19:57)
Impact:
Exploitability:
CWE CWE-601
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:N
refmap via4
bugtraq 20150629 novius-os.5.0.1 Persistent XSS, LFI & Open Redirect Vulnerabilities
exploit-db 37439
misc
Last major update 13-03-2019 - 19:57
Published 01-07-2015 - 16:59
Last modified 13-03-2019 - 19:57
Back to Top