CVE-2023-37624

EUVD-2023-41506
Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 24%
Affected Products (NVD)
VendorProductVersion
netdisconetdisco
𝑥
< 2.063000
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/benjaminpsinclair/Netdisco-2023-Advisory
https://github.com/benjaminpsinclair/Netdisco-CVE
https://github.com/netdisco/netdisco/commit/a2da6a7a046c1c0fd41072dd6991eec7614293f8
https://github.com/benjaminpsinclair/Netdisco-2023-Advisory
https://github.com/benjaminpsinclair/Netdisco-CVE
https://github.com/netdisco/netdisco/commit/a2da6a7a046c1c0fd41072dd6991eec7614293f8