CVE-2019-5946

Published May 17, 2019

Last updated 5 years ago

Overview

Description
Open redirect vulnerability in Cybozu Garoon 4.2.4 to 4.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the Login Screen.
Source
vultures@jpcert.or.jp
NVD status
Analyzed

Social media

Hype score
Not currently trending

Risk scores

CVSS 3.0

Type
Primary
Base score
6.1
Impact score
2.7
Exploitability score
2.8
Vector string
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity
MEDIUM

CVSS 2.0

Type
Primary
Base score
5.8
Impact score
4.9
Exploitability score
8.6
Vector string
AV:N/AC:M/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov
CWE-601

Configurations