Home > Vulnerability Database > CVE-2020-10775

Mend.io Vulnerability Database

CVE-2020-10775

Date: August 24, 2020

An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser, the critical part of the URL is no longer visible. The highest threat from this vulnerability is on confidentiality.

Language: Java

Severity Score

5.3

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-10775

Url: https://bugzilla.redhat.com/show_bug.cgi?id=1847420

Url: https://www.mend.io/vulnerability-database/CVE-2020-10775

Severity Score

5.3

Weakness Type (CWE)

URL Redirection to Untrusted Site ('Open Redirect')

CWE-601

User Interface (UI) Misrepresentation of Critical Information

CWE-451

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	2.6
Access Vector (AV):	NETWORK
Access Complexity (AC):	HIGH
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2020-10775

Date: August 24, 2020

Language: Java

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?