CVE-2020-10775

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-10775
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10775.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-10775
Related
Published
2020-08-24T17:15:10Z
Modified
2024-10-12T05:31:55.523045Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser, the critical part of the URL is no longer visible. The highest threat from this vulnerability is on confidentiality.

References

Affected packages

Git / github.com/ovirt/ovirt-engine

Affected ranges

Type
GIT
Repo
https://github.com/ovirt/ovirt-engine
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected

Affected versions

Other

list

ovirt-engine-3.*

ovirt-engine-3.3-beta1
ovirt-engine-3.3_beta1
ovirt-engine-3.5.0_alpha1
ovirt-engine-3.5.0_alpha1.1
ovirt-engine-3.5.0_alpha2
ovirt-engine-3.5.0_beta1
ovirt-engine-3.6.0_alpha1
ovirt-engine-3.6.0_alpha1.1
ovirt-engine-3.6.0_alpha1.2
ovirt-engine-3.6.0_alpha2
ovirt-engine-3.6.0_alpha3
ovirt-engine-3.6.0_beta1
ovirt-engine-3.6.0_beta1.1
ovirt-engine-3.6.0_qa1
ovirt-engine-3.6.0_qa2
ovirt-engine-3.6.0_qa3
ovirt-engine-3.6.0_qa4

ovirt-engine-4.*

ovirt-engine-4.0.0
ovirt-engine-4.0.0_alpha1
ovirt-engine-4.0.0_beta1
ovirt-engine-4.1.0_beta1
ovirt-engine-4.2.0
ovirt-engine-4.2.0.1
ovirt-engine-4.2.0.2
ovirt-engine-4.2.0_beta1
ovirt-engine-4.2.0_beta2
ovirt-engine-4.2.0_test1
ovirt-engine-4.2.1
ovirt-engine-4.2.1.1
ovirt-engine-4.2.1.2
ovirt-engine-4.2.1.3
ovirt-engine-4.2.1.4
ovirt-engine-4.3.0
ovirt-engine-4.3.0.1
ovirt-engine-4.3.0.2
ovirt-engine-4.3.0.3
ovirt-engine-4.3.0.4
ovirt-engine-4.3.0_alpha
ovirt-engine-4.3.0_alpha2
ovirt-engine-4.3.0_rc
ovirt-engine-4.3.0_rc2
ovirt-engine-4.3.1
ovirt-engine-4.3.1.1
ovirt-engine-4.3.2
ovirt-engine-4.3.2.1
ovirt-engine-4.4.0
ovirt-engine-4.4.0_beta1
ovirt-engine-4.4.0_beta2
ovirt-engine-4.4.0_beta3
ovirt-engine-4.4.0_beta4