CVE-2015-8483
moderate-risk
Published 2016-02-17
Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
Do I need to act?
-
0.27% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.4/10
High
NETWORK
/ LOW complexity
Affected Products (15)
Affected Vendors
References (6)
Vendor Advisory
http://jvn.jp/en/jp/JVN71428831/index.html
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000025
Vendor Advisory
https://cs.cybozu.co.jp/2015/006088.html
Vendor Advisory
http://jvn.jp/en/jp/JVN71428831/index.html
Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000025
Vendor Advisory
https://cs.cybozu.co.jp/2015/006088.html
45
/ 100
moderate-risk
Severity
26/34 · High
Exploitability
1/34 · Minimal
Exposure
18/34 · Moderate