Vulnerability Details CVE-2011-1594
A flaw was found in Spacewalk, as used in Red Hat Network Satellite. This open redirect vulnerability allows remote attackers to redirect users to arbitrary web sites by manipulating a URL in the url_bounce parameter. This can enable attackers to conduct phishing attacks, potentially leading to unauthorized information disclosure or credential theft.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 5.8
References
- http://www.redhat.com/support/errata/RHSA-2011-1299.html
- https://access.redhat.com/security/cve/CVE-2011-1594
- https://bugzilla.redhat.com/show_bug.cgi?id=672167
- https://www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.html
- http://www.redhat.com/support/errata/RHSA-2011-1299.html
- https://bugzilla.redhat.com/show_bug.cgi?id=672167
- https://www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.html
Products affected by CVE-2011-1594
-
cpe:2.3:a:redhat:network_satellite:-
-
cpe:2.3:a:redhat:spacewalk:1.6