Vulnerability Description
Open redirect vulnerability in Innovative Interfaces Encore Discovery Solution 4.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspecified parameter.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Iii | Encore Discovery Solution | 4.3 |
References
- http://packetstormsecurity.com/files/128013/Encore-Discovery-Solution-4.3-Open-R
- http://www.securityfocus.com/archive/1/533233/100/0/threaded
- http://www.securityfocus.com/bid/69427
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95568
- http://packetstormsecurity.com/files/128013/Encore-Discovery-Solution-4.3-Open-R
- http://www.securityfocus.com/archive/1/533233/100/0/threaded
- http://www.securityfocus.com/bid/69427
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95568
FAQ
What is CVE-2014-5127?
CVE-2014-5127 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Open redirect vulnerability in Innovative Interfaces Encore Discovery Solution 4.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in an unspeci...
How severe is CVE-2014-5127?
CVE-2014-5127 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-5127?
Check the references section above for vendor advisories and patch information. Affected products include: Iii Encore Discovery Solution.