Mend Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2014-4695

Good to know:

icon

Date: July 2, 2014

Multiple open redirect vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) the returl parameter to snort_select_alias.php.

Language: PHP

Severity Score

Related Resources (3)

https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc
https://nvd.nist.gov/vuln/detail/CVE-2014-4695
https://www.mend.io/vulnerability-database/CVE-2014-4695

Severity Score

Top Fix

icon

Upgrade Version

No fix version available

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): NONE
Additional information:

Do you need more information?

Contact Us