How severe is CVE-2021-1218?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2021-1218?

This is classified as CWE-601, which is a common weakness in software security.

CVE-2021-1218 - MEDIUM Severity | CVSS 4.6

Vulnerability Description

A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request that could cause the web application to redirect the request to a specified malicious URL. A successful exploit could allow the attacker to redirect a user to a malicious website.

Related Vulnerabilities

CVE-2024-1240

MEDIUM

CVSS:4.6(Medium)

An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due to improper handling of the 'next' parameter in the login functionality. An attacker can exploit this ...

CWE-6012024

CVE-2021-20534

MEDIUM

CVSS:4.5(Medium)

IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remot...

CWE-6012021

CVE-2025-21401

MEDIUM

CVSS:4.5(Medium)

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

CWE-6012025

CVE-2012-0518

MEDIUM

CVSS:4.7(Medium)

Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Re...

CWE-6012012

CVE-2017-6932

MEDIUM

CVSS:4.7(Medium)

Drupal core 7.x versions before 7.57 has an external link injection vulnerability when the language switcher block is used. A similar vulnerability exists in various custom and contributed modules. Th...

CWE-6012017

CVE-2019-15974

MEDIUM

CVSS:4.7(Medium)

A vulnerability in the web interface of Cisco Managed Services Accelerator (MSX) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to...

CWE-6012019