Lucene search
JpcertCVE-2022-46288HistoryDec 19, 2022 - 3:15 a.m.
CVE-2022-46288
2022-12-1903:15:10
CWE-601
jpcert
web.nvd.nist.gov
31
cve-2022-46288
open redirect vulnerability
denshi nyusatsu core system
remote unauthenticated attacker
phishing attack
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
45.6%
Open redirect vulnerability in DENSHI NYUSATSU CORE SYSTEM v6 R4 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.
Affected configurations
Node
jacicelectronic_bidding_core_systemRange≤6
ORjacicelectronic_bidding_core_systemMatch6r4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| jacic | electronic_bidding_core_system | * | cpe:2.3:a:jacic:electronic_bidding_core_system:*:*:*:*:*:*:*:* |
| jacic | electronic_bidding_core_system | 6 | cpe:2.3:a:jacic:electronic_bidding_core_system:6:r4:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Japan Construction Information Center",
"product": "DENSHI NYUSATSU CORE SYSTEM",
"versions": [
{
"version": "v6 R4 and earlier",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2022-46288
2022-12-19 03:15:10
cvelist
cvelist
CVE-2022-46288
2022-12-19 00:00:00
prion
prion
Open redirect
2022-12-19 03:15:00
jvn
jvn
JVN#96321933: Multiple vulnerabilities in DENSHI NYUSATSU CORE SYSTEM
2022-12-15 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
45.6%
Related for CVE-2022-46288