CVE-2023-35791: n/a in n/a
Vound Intella Connect 2.6.0.3 has an Open Redirect vulnerability.
AI Analysis
Technical Summary
CVE-2023-35791 is an Open Redirect vulnerability identified in Vound Intella Connect version 2.6.0.3. Open Redirect vulnerabilities occur when a web application accepts untrusted input that could cause the application to redirect the request to a URL contained within untrusted input. This vulnerability allows an attacker to craft a malicious URL that appears to be from a legitimate source but redirects users to a potentially harmful external site. The CVSS 3.1 base score for this vulnerability is 6.1, indicating a medium severity level. The vector string CVSS:3.1/AC:L/AV:N/A:N/C:L/I:L/PR:N/S:C/UI:R indicates that the attack complexity is low, the attack can be performed remotely without authentication, and user interaction is required (i.e., the victim must click the malicious link). The vulnerability impacts confidentiality and integrity to a limited extent, as the attacker can potentially trick users into visiting malicious sites, leading to phishing or other social engineering attacks. The scope is changed (S:C), meaning the vulnerability affects components beyond the initially vulnerable component, potentially impacting other parts of the system or user sessions. No known exploits are reported in the wild, and no patches or vendor advisories are currently linked, which suggests that organizations using this version of Vound Intella Connect should be vigilant and consider mitigation strategies proactively.
Potential Impact
For European organizations using Vound Intella Connect 2.6.0.3, this vulnerability poses a risk primarily related to phishing and social engineering attacks facilitated by the open redirect. Attackers could exploit this to redirect employees or clients to malicious websites that harvest credentials, deliver malware, or conduct further attacks. The impact on confidentiality and integrity is moderate due to the potential for credential theft or session hijacking if combined with other vulnerabilities or attack vectors. Availability is not directly impacted by this vulnerability. Given that Vound Intella Connect is used for eDiscovery and data analysis, organizations handling sensitive legal or investigative data could face reputational damage and compliance risks if attackers leverage this vulnerability to compromise user trust or gain indirect access to sensitive information. The requirement for user interaction means that effective user awareness and training can reduce risk, but the vulnerability still represents a vector for targeted attacks, especially in environments with high-value data or regulatory scrutiny such as GDPR compliance in Europe.
Mitigation Recommendations
Specific mitigation steps include:
1) Immediately review and apply any available patches or updates from Vound for Intella Connect, even if not explicitly linked, by contacting the vendor or monitoring their security advisories.
2) Implement strict input validation and URL whitelisting on any web components that handle redirects to ensure only trusted URLs are allowed.
3) Use web application firewalls (WAFs) to detect and block suspicious redirect patterns and malicious URLs.
4) Enhance user training programs to educate employees about the risks of clicking on unexpected or suspicious links, especially those appearing to come from internal tools.
5) Monitor logs for unusual redirect activity or spikes in traffic to external URLs from the Intella Connect environment.
6) Consider implementing multi-factor authentication (MFA) to reduce the impact of credential theft resulting from phishing attacks leveraging this vulnerability.
7) If possible, isolate or restrict access to the Intella Connect web interface to trusted networks or VPNs to reduce exposure.
Affected Countries
Germany, United Kingdom, France, Netherlands, Sweden, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2023-06-16T00:00:00.000Z
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 6839d93e182aa0cae2b73034
Added to database: 5/30/2025, 4:13:50 PM
Last enriched: 7/8/2025, 3:58:59 PM
Last updated: 8/7/2025, 9:17:48 PM