CVE-2015-5510
Published Aug 18, 2015
Last updated 9 years ago
Overview
- Description
- Open redirect vulnerability in the Content Construction Kit (CCK) 6.x-2.x before 6.x-2.10 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the destinations parameter, related to administration pages.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 4.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Evaluator
- Comment
- <a href="http://cwe.mitre.org/data/definitions/601.html">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:content_construction_kit_project:content_construction_kit:6.x-2.0:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "915FCE3F-F0C5-4175-9CE6-5751A5E889A4"
},
{
"criteria": "cpe:2.3:a:content_construction_kit_project:content_construction_kit:6.x-2.1:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "E5C56811-DBA7-4F92-8797-82692834D785"
},
{
"criteria": "cpe:2.3:a:content_construction_kit_project:content_construction_kit:6.x-2.2:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "32341985-23E1-490F-A2FF-BFD91F9BC5D8"
},
{
"criteria": "cpe:2.3:a:content_construction_kit_project:content_construction_kit:6.x-2.3:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "93394767-C7BA-4BD5-B6B3-A6E12A56C423"
},
{
"criteria": "cpe:2.3:a:content_construction_kit_project:content_construction_kit:6.x-2.4:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "F8E8F59A-A1C0-49F5-A72B-C51EF320F68A"
},
{
"criteria": "cpe:2.3:a:content_construction_kit_project:content_construction_kit:6.x-2.5:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "CE4580DC-AEB8-4B96-9EF6-D9F68FF931B9"
},
{
"criteria": "cpe:2.3:a:content_construction_kit_project:content_construction_kit:6.x-2.6:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "ADAD53AB-046C-46E0-8288-440DE5FEBC60"
},
{
"criteria": "cpe:2.3:a:content_construction_kit_project:content_construction_kit:6.x-2.7:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "FBDD5EA5-3951-46F1-B924-515F1D9F3AB3"
},
{
"criteria": "cpe:2.3:a:content_construction_kit_project:content_construction_kit:6.x-2.8:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "FCF623FA-3C49-4CFA-8F05-993EAA571F66"
},
{
"criteria": "cpe:2.3:a:content_construction_kit_project:content_construction_kit:6.x-2.9:*:*:*:*:drupal:*:*",
"vulnerable": true,
"matchCriteriaId": "DF285628-18B2-4E0C-9E7B-6ADFF3DB278D"
}
],
"operator": "OR"
}
]
}
]