CVE-2024-22113 - OpenCVE

Open redirect vulnerability in Access analysis CGI An-Analyzer released in 2023 December 31 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary websites and conduct phishing attacks via a specially crafted URL.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Anglers-net	Cgi An-anlyzer

Configuration 1 [-]

cpe:2.3:a:anglers-net:cgi_an-anlyzer:*:*:*:*:*:*:*:*

References

Link	Resource
https://jvn.jp/en/jp/JVN73587943/	Third Party Advisory
https://www.anglers-net.com/anlog/update/	Mitigation Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jpcert

Published: 2024-01-22T04:17:41.024Z

Updated: 2024-01-22T04:17:41.024Z

Reserved: 2024-01-05T06:39:20.650Z

Link: CVE-2024-22113

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-01-22T05:15:09.050

Modified: 2024-01-29T14:23:46.600

Link: CVE-2024-22113

JSON object: View

Redhat Information

No data.

CWE

CWE-601