CVE-2013-3446

{"id": "CVE-2013-3446", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-09-12T13:28:32.190", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3446", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849."}, {"lang": "es", "value": "Vulnerabilidad de redirecci\u00f3n abierta en la p\u00e1gina de login de Cisco Digital Media Manager (DMM) permite a atacantes remotos redirigir usuarios a sitios web arbitrarios y efectuar ataques de phishing a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCub23849."}], "lastModified": "2013-09-13T18:35:23.337", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:digital_media_manager:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0B1E953-33EF-498D-AB75-4A0A7733BC54"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}