A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the malicious user to redirect a user to a malicious website. This vulnerability is known as an open redirect attack, which is used in phishing attacks to get users to visit malicious sites without their knowledge.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ucs manager |
||
cisco integrated management controller |
||
cisco encs_5100_firmware |
||
cisco encs_5400_firmware |
||
cisco c220_m6_firmware |
||
cisco c225_m6_firmware |
||
cisco c240_m6_firmware |
||
cisco c245_m6_firmware |
||
cisco c125_m5_firmware |
||
cisco c220_m5_firmware |
||
cisco c240_m5_firmware |
||
cisco c480_m5_firmware |
||
cisco c480_ml_m5_firmware |
||
cisco ucs-e140s_firmware |
||
cisco ucs-e140d_firmware |
||
cisco ucs-e160d_firmware |
||
cisco ucs-e160s-m3_firmware |
||
cisco ucs-e180d-m3_firmware |
||
cisco ucs-e1120d-m3_firmware |
||
cisco ucs-e140s-m2_firmware |
||
cisco ucs-e180d-m2_firmware |
||
cisco ucs-e140s-m1_firmware |
||
cisco ucs-e140dp_firmware |
||
cisco ucs-e160dp-m1_firmware |
||
cisco ucs_s3260_firmware |