VYPR
Unrated severityNVD Advisory· Published Dec 15, 2014· Updated Jun 17, 2026

CVE-2014-6255

CVE-2014-6255

Description

Open redirect vulnerability in the login form in Zenoss Core before 4.2.5 SP161 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the came_from parameter, aka ZEN-11998.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17
  • Zenoss/Core17 versions
    cpe:2.3:a:zenoss:zenoss_core:*:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:zenoss:zenoss_core:*:*:*:*:*:*:*:*range: <=4.2.5
    • cpe:2.3:a:zenoss:zenoss_core:2.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:2.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:2.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:2.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:3.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:3.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:4.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:4.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:zenoss:zenoss_core:4.2.4:*:*:*:*:*:*:*
    • (no CPE)range: < 4.2.5 SP161

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.