What is CVE-2015-6501?

CVE-2015-6501 is a medium-severity vulnerability in Puppet Puppet_enterprise, classified under URL Redirection to Untrusted Site (Open Redirect). CVSS score: 6.1/10. Published 2017-01-12.

How severe is CVE-2015-6501?

Medium severity. CVSS v3 base score is 6.1 out of 10.

Open Redirect in Puppet Puppet_enterprise

CVE-2015-6501

Open redirect vulnerability in the Console in Puppet Enterprise before 2015.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the string parameter.

Vulnerability class: Open Redirect

EPSS: 0.002 (40.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N.

Affected products

Puppet Puppet_enterprise
N/a — versions n/a

Weakness classification (CWE)

CWE-601 — URL Redirection to Untrusted Site (Open Redirect)

References

93845 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2015-6501?: CVE-2015-6501 is a medium-severity vulnerability in Puppet Puppet_enterprise, classified under URL Redirection to Untrusted Site (Open Redirect). CVSS score: 6.1/10. Published 2017-01-12.
How severe is CVE-2015-6501?: Medium severity. CVSS v3 base score is 6.1 out of 10.