Headline
CVE-2023-0681: Nexpose Release Notes
Rapid7 InsightVM versions 6.6.178 and lower suffers from an open redirect vulnerability, whereby an attacker has the ability to redirect the user to a site of the attacker’s choice using the ‘page’ parameter of the ‘data/console/redirect’ component of the application. This issue was resolved in the February, 2023 release of version 6.6.179.
Products
Insight Platform Solutions
Threat Intelligence
THREAT COMMAND
Vulnerability Management
INSIGHTVM
Dynamic Application Security Testing
INSIGHTAPPSEC
Orchestration & Automation (SOAR)
INSIGHTCONNECT
Cloud Security
INSIGHTCLOUDSEC
* More Solutions
* Penetration Testing
METASPLOIT
* On-Prem Vulnerability Management
NEXPOSE
* Digital Forensics and Incident Response (DFIR)
Velociraptor
* Cloud Risk Complete
Cloud Security with Unlimited Vulnerability Management
Explore Offer
* Managed Threat Complete
MDR with Unlimited Risk Coverage
Explore offer
Services
MANAGED SERVICES
Detection and Response
24/7 MONITORING & REMEDIATION FROM MDR EXPERTS
Vulnerability Management
PERFECTLY OPTIMIZED RISK ASSESSMENT
Application Security
SCAN MANAGEMENT & VULNERABILITY VALIDATION
* OTHER SERVICES
* Security Advisory Services
PLAN, BUILD, & PRIORITIZE SECURITY INITIATIVES
* Product Consulting
QUICK-START & CONFIGURATION
* Training & Certification
SKILLS & ADVANCEMENT
* Penetration Services
TEST YOUR DEFENSES IN REAL-TIME
* IoT Security Testing
SECURE EVERYTHING CONNECTED TO A CONNECTED WORLD
* Premium Support
PRIORITY HELP & FASTER SOLUTIONS
Support & Resources
SUPPORT
Support Portal
CONTACT CUSTOMER SUPPORT
Product Documentation
EXPLORE PRODUCT GUIDES
Release Notes
DISCOVER THE LATEST PRODUCT UPDATES
RESOURCES
Fundamentals
FOUNDATIONAL SECURITY KNOWLEDGE
Blog
THE LATEST INDUSTRY NEWS AND SECURITY EXPERTISE
Resources Library
E-BOOKS, WHITE PAPERS, VIDEOS & BRIEFS
Extensions Library
PLUGINS, INTEGRATIONS & DEVELOPER COMMUNITY
Partners
RAPID7 PARTNER ECOSYSTEM
Webcasts & Events
UPCOMING OPPORTUNITIES TO CONNECT WITH US
Vulnerability & Exploit Database
SEARCH THE LATEST SECURITY RESEARCH
Company
OVERVIEW
Leadership
EXECUTIVE TEAM & BOARD
News & Press Releases
THE LATEST FROM OUR NEWSROOM
Our Customers
Their Success Stories
* COMMUNITY & CULTURE
* Social Good
OUR COMMITMENT & APPROACH
* Rapid7 Cybersecurity Foundation
BUILDING THE FUTURE
* Diversity, Equity & Inclusion
EMPOWERING PEOPLE
* Open Source
STRENGTHENING CYBERSECURITY
* Public Policy
ENGAGEMENT & ADVOCACY
RESEARCH
Sign In
All Products
- AppSpider
- Insight Agent
- InsightAppSec
- InsightCloudSec
- InsightConnect
- Insight Platform
- InsightIDR
- Insight Network Sensor
- InsightOps
- InsightVM
- Metasploit
- Nexpose
- tCell
- Managed Services
Products
Insight Platform Solutions
Threat Intelligence
THREAT COMMAND
Vulnerability Management
INSIGHTVM
Dynamic Application Security Testing
INSIGHTAPPSEC
Orchestration & Automation (SOAR)
INSIGHTCONNECT
Cloud Security
INSIGHTCLOUDSEC
* More Solutions
* Penetration Testing
METASPLOIT
* On-Prem Vulnerability Management
NEXPOSE
* Digital Forensics and Incident Response (DFIR)
Velociraptor
* Cloud Risk Complete
Cloud Security with Unlimited Vulnerability Management
Explore Offer
* Managed Threat Complete
MDR with Unlimited Risk Coverage
Explore offer
Services
MANAGED SERVICES
Detection and Response
24/7 MONITORING & REMEDIATION FROM MDR EXPERTS
Vulnerability Management
PERFECTLY OPTIMIZED RISK ASSESSMENT
Application Security
SCAN MANAGEMENT & VULNERABILITY VALIDATION
* OTHER SERVICES
* Security Advisory Services
PLAN, BUILD, & PRIORITIZE SECURITY INITIATIVES
* Product Consulting
QUICK-START & CONFIGURATION
* Training & Certification
SKILLS & ADVANCEMENT
* Penetration Services
TEST YOUR DEFENSES IN REAL-TIME
* IoT Security Testing
SECURE EVERYTHING CONNECTED TO A CONNECTED WORLD
* Premium Support
PRIORITY HELP & FASTER SOLUTIONS
Support & Resources
SUPPORT
Support Portal
CONTACT CUSTOMER SUPPORT
Product Documentation
EXPLORE PRODUCT GUIDES
Release Notes
DISCOVER THE LATEST PRODUCT UPDATES
RESOURCES
Fundamentals
FOUNDATIONAL SECURITY KNOWLEDGE
Blog
THE LATEST INDUSTRY NEWS AND SECURITY EXPERTISE
Resources Library
E-BOOKS, WHITE PAPERS, VIDEOS & BRIEFS
Extensions Library
PLUGINS, INTEGRATIONS & DEVELOPER COMMUNITY
Partners
RAPID7 PARTNER ECOSYSTEM
Webcasts & Events
UPCOMING OPPORTUNITIES TO CONNECT WITH US
Vulnerability & Exploit Database
SEARCH THE LATEST SECURITY RESEARCH
Company
OVERVIEW
Leadership
EXECUTIVE TEAM & BOARD
News & Press Releases
THE LATEST FROM OUR NEWSROOM
Our Customers
Their Success Stories
* COMMUNITY & CULTURE
* Social Good
OUR COMMITMENT & APPROACH
* Rapid7 Cybersecurity Foundation
BUILDING THE FUTURE
* Diversity, Equity & Inclusion
EMPOWERING PEOPLE
* Open Source
STRENGTHENING CYBERSECURITY
* Public Policy
ENGAGEMENT & ADVOCACY
RESEARCH
Sign In
Documentation
All Products
AppSpider
Insight Agent
InsightAppSec
InsightCloudSec
InsightConnect
Insight Platform
InsightIDR
Insight Network Sensor
InsightOps
InsightVM
Metasploit
Nexpose
tCell
Managed Services