{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-04T20:12:33.896","vulnerabilities":[{"cve":{"id":"CVE-2018-1251","sourceIdentifier":"security_alert@emc.com","published":"2018-09-28T18:29:01.083","lastModified":"2024-11-21T03:59:28.067","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect Unity users to arbitrary web URLs by tricking the victim user to click on a maliciously crafted Unisphere URL. Attacker could potentially phish information, including Unisphere users' credentials, from the victim once they are redirected."},{"lang":"es","value":"Dell EMC Unity y UnityVSA en versiones anteriores a la 4.3.1.1525703027 contiene una vulnerabilidad de redirección de URL. Un atacante remoto no autenticado podría explotar esta vulnerabilidad para redirigir a los usuarios de Unity a URL web arbitrarias engañando a la víctima para que haga clic en una URL de Unisphere maliciosamente manipulada. Los atacantes podrían captar información, incluyendo las credenciales de usuario de Unisphere, de la víctima una vez son redirigidos."}],"metrics":{"cvssMetricV30":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:N","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:emc_unity_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.3.1.1525703027","matchCriteriaId":"CE80D21A-B8AA-4429-9FE7-01522F9595A5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dell:emc_unity:-:*:*:*:*:*:*:*","matchCriteriaId":"08D30CDA-12CB-4071-94EC-6186ED329072"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:emc_unityvsa:*:*:*:*:*:*:*:*","versionEndExcluding":"4.3.1.1525703027","matchCriteriaId":"FCAA53DD-EEFF-440F-9979-09B8521FDB64"}]}]}],"references":[{"url":"https://seclists.org/fulldisclosure/2018/Sep/30","source":"security_alert@emc.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2018/Sep/30","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}