Lucene search
MitreCVE-2008-6511HistoryMar 23, 2009 - 8:00 p.m.
CVE-2008-6511
2009-03-2320:00:00
CWE-20
mitre
web.nvd.nist.gov
34
cve-2008-6511
openfire
open redirect vulnerability
login.jsp
remote attackers
phishing attacks
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
71.0%
Open redirect vulnerability in login.jsp in Openfire 3.6.0a and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.
Affected configurations
Node
igniterealtimeopenfireRange≤3.6.0a
ORigniterealtimeopenfireMatch2.6.0
ORigniterealtimeopenfireMatch2.6.1
ORigniterealtimeopenfireMatch2.6.2
ORigniterealtimeopenfireMatch3.0.0
ORigniterealtimeopenfireMatch3.0.1
ORigniterealtimeopenfireMatch3.1.0
ORigniterealtimeopenfireMatch3.1.1
ORigniterealtimeopenfireMatch3.2.0
ORigniterealtimeopenfireMatch3.2.1
ORigniterealtimeopenfireMatch3.2.2
ORigniterealtimeopenfireMatch3.2.3
ORigniterealtimeopenfireMatch3.2.4
ORigniterealtimeopenfireMatch3.3.0
ORigniterealtimeopenfireMatch3.3.2
ORigniterealtimeopenfireMatch3.3.3
ORigniterealtimeopenfireMatch3.4.0
ORigniterealtimeopenfireMatch3.4.1
ORigniterealtimeopenfireMatch3.4.3
ORigniterealtimeopenfireMatch3.4.4
ORigniterealtimeopenfireMatch3.4.5
ORigniterealtimeopenfireMatch3.5.0
ORigniterealtimeopenfireMatch3.5.1
ORigniterealtimeopenfireMatch3.5.2
ORigniterealtimeopenfireMatch3.6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| igniterealtime | openfire | * | cpe:2.3:a:igniterealtime:openfire:*:*:*:*:*:*:*:* |
| igniterealtime | openfire | 2.6.0 | cpe:2.3:a:igniterealtime:openfire:2.6.0:*:*:*:*:*:*:* |
| igniterealtime | openfire | 2.6.1 | cpe:2.3:a:igniterealtime:openfire:2.6.1:*:*:*:*:*:*:* |
| igniterealtime | openfire | 2.6.2 | cpe:2.3:a:igniterealtime:openfire:2.6.2:*:*:*:*:*:*:* |
| igniterealtime | openfire | 3.0.0 | cpe:2.3:a:igniterealtime:openfire:3.0.0:*:*:*:*:*:*:* |
| igniterealtime | openfire | 3.0.1 | cpe:2.3:a:igniterealtime:openfire:3.0.1:*:*:*:*:*:*:* |
| igniterealtime | openfire | 3.1.0 | cpe:2.3:a:igniterealtime:openfire:3.1.0:*:*:*:*:*:*:* |
| igniterealtime | openfire | 3.1.1 | cpe:2.3:a:igniterealtime:openfire:3.1.1:*:*:*:*:*:*:* |
| igniterealtime | openfire | 3.2.0 | cpe:2.3:a:igniterealtime:openfire:3.2.0:*:*:*:*:*:*:* |
| igniterealtime | openfire | 3.2.1 | cpe:2.3:a:igniterealtime:openfire:3.2.1:*:*:*:*:*:*:* |
Related
prion
prion
Open redirect
2009-03-23 20:00:00
cvelist
cvelist
CVE-2008-6511
2009-03-23 19:26:00
nvd
nvd
CVE-2008-6511
2009-03-23 20:00:00
exploitdb
exploitdb
openvas
openvas
Openfire < 3.6.1 Multiple Vulnerabilities
2009-03-26 00:00:00
Openfire Multiple Vulnerabilities (Mar09)
2009-03-26 00:00:00
Gentoo Security Advisory GLSA 200904-01 (openfire)
2009-04-06 00:00:00
freebsd
freebsd
openfire -- multiple vulnerabilities
2008-11-07 00:00:00
nessus
nessus
GLSA-200904-01 : Openfire: Multiple vulnerabilities
2009-04-03 00:00:00
securityvulns
securityvulns
[ GLSA 200904-01 ] Openfire: Multiple vulnerabilities
2009-04-07 00:00:00
gentoo
gentoo
Openfire: Multiple vulnerabilities
2009-04-02 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
71.0%
Related for CVE-2008-6511