Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-2353

NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to redirect users to other websites via the (1) sCancelURL and possibly (2) sRedirectUrl parameters.

Published

2006-05-15T10:02:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ipswitch	whatsup_professional	2006	Yes
Application	ipswitch	whatsup_professional	2006_premium	Yes

References

http://secunia.com/advisories/20075 Vendor Advisory ([email protected])
http://securityreason.com/securityalert/897 ([email protected])
http://www.osvdb.org/25473 ([email protected])
http://www.securityfocus.com/archive/1/433808 Vendor Advisory ([email protected])
http://www.vupen.com/english/advisories/2006/1787 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/26502 ([email protected])
http://secunia.com/advisories/20075 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securityreason.com/securityalert/897 (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/25473 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/433808 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/1787 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26502 (af854a3a-2127-422b-91ae-364da2661108)