CVE-2005-10001

Опубликовано: 28 мар. 2022

Источник: nvd

CVSS3: 5.4

CVSS3: 6.1

CVSS2: 5.8

EPSS Низкий

Описание

A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Ссылки

https://vuldb.com/?id.1022
Third Party Advisory
https://vuldb.com/?id.1022
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:broadcom:symantec_siteminder:4.5.0:*:*:*:*:*:*:*

cpe:2.3:a:broadcom:symantec_siteminder:4.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 38%

0.00166

Низкий

5.4 Medium

CVSS3

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601

Связанные уязвимости

GHSA-5wv4-gxj7-wpqw

CVSS3: 6.1

github

почти 4 года назад

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

EPSS

Процентиль: 38%

0.00166

Низкий

5.4 Medium

CVSS3

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601