CVE-2018-1251
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect Unity users to arbitrary web URLs by tricking the victim user to click on a maliciously crafted Unisphere URL. Attacker could potentially phish information, including Unisphere users' credentials, from the victim once they are redirected.
Dell EMC Unity y UnityVSA en versiones anteriores a la 4.3.1.1525703027 contiene una vulnerabilidad de redirección de URL. Un atacante remoto no autenticado podría explotar esta vulnerabilidad para redirigir a los usuarios de Unity a URL web arbitrarias engañando a la víctima para que haga clic en una URL de Unisphere maliciosamente manipulada. Los atacantes podrían captar información, incluyendo las credenciales de usuario de Unisphere, de la víctima una vez son redirigidos.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-12-06 CVE Reserved
- 2018-09-19 CVE Published
- 2024-07-03 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CAPEC
References (1)
URL | Tag | Source |
---|---|---|
https://seclists.org/fulldisclosure/2018/Sep/30 | Mailing List |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Dell Search vendor "Dell" | Emc Unity Firmware Search vendor "Dell" for product "Emc Unity Firmware" | < 4.3.1.1525703027 Search vendor "Dell" for product "Emc Unity Firmware" and version " < 4.3.1.1525703027" | - |
Affected
| in | Dell Search vendor "Dell" | Emc Unity Search vendor "Dell" for product "Emc Unity" | - | - |
Safe
|
Dell Search vendor "Dell" | Emc Unityvsa Search vendor "Dell" for product "Emc Unityvsa" | < 4.3.1.1525703027 Search vendor "Dell" for product "Emc Unityvsa" and version " < 4.3.1.1525703027" | - |
Affected
|