CVE-2015-6501
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2015-6501
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Open redirect vulnerability in the Console in Puppet Enterprise before 2015.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the string parameter.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Puppet Enterprise Console 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Puppet是美国Puppet实验室的一套基于客户端/服务器(C/S)架构的配置管理工具,它可用于管理配置文件、用户、cron任务、软件包、系统服务等。Puppet Enterprise是一个企业版。console是其中的一个控制台工具。 Puppet Enterprise 2015.2.1之前的版本中的Console存在开放重定向漏洞。远程攻击者可借助‘string’参数利用该漏洞将用户重定向到任意Web站点,并实施钓鱼攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2015-6501
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2015-6501
请登录查看更多情报信息。
Same Patch Batch · n/a · 2017-01-12 · 33 CVEs total
| CVE-2016-8466 | Android Broadcom Wi-Fi驱动程序权限许可和访问控制漏洞 | |
| CVE-2016-7479 | PHP 安全漏洞 | |
| CVE-2017-5351 | Samsung Note 安全漏洞 | |
| CVE-2017-5350 | Samsung Note 安全漏洞 | |
| CVE-2017-5347 | MetalGenix GeniXCMS SQL注入漏洞 | |
| CVE-2017-5346 | MetalGenix GeniXCMS SQL注入漏洞 | |
| CVE-2017-5345 | MetalGenix GeniXCMS SQL注入漏洞 | |
| CVE-2016-9444 | ISC BIND 安全漏洞 | |
| CVE-2016-9147 | ISC BIND 安全漏洞 | |
| CVE-2016-9131 | ISC BIND 安全漏洞 | |
| CVE-2016-10131 | EllisLab CodeIgniter 安全漏洞 | |
| CVE-2017-5225 | Silicon Graphics LibTIFF 缓冲区错误漏洞 | |
| CVE-2016-8404 | Android kernel组件信息泄露漏洞 | |
| CVE-2016-6790 | Android NVIDIA libomx库权限许可和访问控制漏洞 | |
| CVE-2016-6784 | Android MediaTek驱动程序权限许可和访问控制漏洞 | |
| CVE-2016-6779 | Android HTC Sound Codec驱动程序权限许可和访问控制漏洞 | |
| CVE-2016-10027 | Smack 竞争条件漏洞 | |
| CVE-2016-8461 | Android bootloader 信息泄露漏洞 | |
| CVE-2016-8454 | Android Broadcom Wi-Fi驱动程序权限许可和访问控制漏洞 | |
| CVE-2016-8424 | Android NVIDIA GPU驱动程序权限许可和访问控制漏洞 |
Showing top 20 of 33 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2015-6501
No comments yet