Published: 28/09/2018 Updated: 09/10/2019

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Dell EMC Unity and UnityVSA versions before 4.3.1.1525703027 contains a URL Redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect Unity users to arbitrary web URLs by tricking the victim user to click on a maliciously crafted Unisphere URL. Attacker could potentially phish information, including Unisphere users' credentials, from the victim once they are redirected.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dell emc_unity_firmware
dell emc unityvsa

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 DSA-2018-101: Dell EMC Unity Family Multiple Vulnerabilities Dell EMC Identifier: DSA-2018-101 CVE Identifier: CVE-2018-1246, CVE-2018-1250, CVE-2018-1251 Severity Rating: CVSS v3 Base Score: See below for individual CVEs Affected products: Dell EMC Unity Operating Environment (OE) versions pr ...

CWE-601 https://seclists.org/fulldisclosure/2018/Sep/30 https://nvd.nist.gov http://seclists.org/fulldisclosure/2018/Sep/30

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-1251

Vulnerability Summary

Vulnerability Trend

Mailing Lists

References

Vulmon Search

About

Products

Connect