CVE-2014-2117

CWE-20Improper Input Validation5 documents5 sources
Severity
4.3MEDIUM
EPSS
0.4%
top 40.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Emergency Responder
Timeline
PublishedApr 4
Latest updateMay 17

Description

Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters, aka Bug ID CSCun37909.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-cwpx-p85h-76pc: Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 82022-05-17
CVEList
CVE-2014-2117: Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 82014-04-04

📋Vendor Advisories

1
Cisco
Cisco Emergency Responder Open Redirect Vulnerability2014-04-03
CVE-2014-2117 (MEDIUM CVSS 4.3) | Multiple open redirect vulnerabilit | cvebase.io