Remote URL Redirection Vulnerability in HPE OneView Global Dashboard
CVE-2021-29217

6.1MEDIUM

Key Information:

Vendor: HP
Status: HPe Oneview Global Dashboard
Vendor: CVE Published:; 24 February 2022

Summary

A remote URL redirection vulnerability exists in HPE OneView Global Dashboard prior to version 2.5. This vulnerability can be exploited by an attacker to redirect users to malicious websites, potentially leading to phishing attacks and the theft of sensitive information. It is crucial for users to update to the latest version provided by HPE to mitigate this risk.

Affected Version(s)

HPE OneView Global Dashboard Prior to 2.5

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Feb 24, 2022
Vulnerability Reserved
Mar 25, 2021