[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2019-19613Date: (C)2020-03-17   (M)2023-12-22


An issue was discovered in Halvotec RaQuest 10.23.10801.0. The login page of the admin application is vulnerable to an Open Redirect attack allowing an attacker to redirect a user to a malicious site after authentication. The attacker needs to be on the same network to modify the victim's request on the wire. Fixed in Release 24.2020.20608.0

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 5.2CVSS Score : 4.3
Exploit Score: 2.1Exploit Score: 5.5
Impact Score: 2.7Impact Score: 4.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: ADJACENT_NETWORKAccess Vector: ADJACENT_NETWORK
Attack Complexity: LOWAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: REQUIREDConfidentiality: PARTIAL
Scope: CHANGEDIntegrity: PARTIAL
Confidentiality: LOWAvailability: NONE
Integrity: LOW 
Availability: NONE 
  
Reference:
https://excellium-services.com/cert-xlm-advisory/
https://excellium-services.com/cert-xlm-advisory/cve-2019-19613/
https://halvotec.de/produkte/raquest/

CWE    1
CWE-601

© SecPod Technologies