How severe is CVE-2021-1310?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2021-1310?

This is classified as CWE-601, which is a common weakness in software security.

CVE-2021-1310

MEDIUM Year: 2021

CVSS v3 Score

4.7

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-601

View all →

Vulnerability Description

A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page, bypassing the warning mechanism that should prompt the user before the redirection. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website, bypassing the Webex URL check that should result in a warning before the redirection to the web page. Attackers may use this type of vulnerability, known as an open redirect attack, as part of a phishing attack to convince users to unknowingly visit malicious sites.

CVE-2012-0518

MEDIUM

CVSS:4.7(Medium)

Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Re...

CWE-6012012

CVE-2017-6932

MEDIUM

CVSS:4.7(Medium)

Drupal core 7.x versions before 7.57 has an external link injection vulnerability when the language switcher block is used. A similar vulnerability exists in various custom and contributed modules. Th...

CWE-6012017

CVE-2019-15974

MEDIUM

CVSS:4.7(Medium)

A vulnerability in the web interface of Cisco Managed Services Accelerator (MSX) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to...

CWE-6012019

CVE-2019-8995

MEDIUM

CVSS:4.7(Medium)

The workspace client, openspace client, and app development client of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabric...

CWE-6012019

CVE-2020-15129

MEDIUM

CVSS:4.7(Medium)

In Traefik before versions 1.7.26, 2.2.8, and 2.3.0-rc3, there exists a potential open redirect vulnerability in Traefik's handling of the "X-Forwarded-Prefix" header. The Traefik API dashboard compon...

CWE-6012020

CVE-2020-3337

MEDIUM

CVSS:4.7(Medium)

A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation o...

CWE-6012020

CVE-2021-1310

Vulnerability Description

Related Vulnerabilities

CVE-2012-0518

CVE-2017-6932

CVE-2019-15974

CVE-2019-8995

CVE-2020-15129

CVE-2020-3337