CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-3889

A vulnerability in the web interface of the Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to redirect a user to a undesired web page, aka an Open Redirect. This vulnerability affects the Cisco Registered Envelope cloud-based service. More Information: CSCvc60123. Known Affected Releases: 5.1.0-015.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.1%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 5.8

References

http://www.securityfocus.com/bid/97433
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-res
http://www.securityfocus.com/bid/97433
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-res

Products affected by CVE-2017-3889

Cisco » Registered Envelope Service » Version: 5.1.0-015

cpe:2.3:a:cisco:registered_envelope_service:5.1.0-015

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-3889

Products

Pricing

Contact Us