CVE-2012-0146

Опубликовано: 10 апр. 2012

Источник: nvd

CVSS2: 5.8

EPSS Средний

Описание

Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."

Ссылки

http://osvdb.org/81131
http://secunia.com/advisories/48787
http://www.securityfocus.com/bid/52903
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1026909
Third Party Advisory
VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-026
https://exchange.xforce.ibmcloud.com/vulnerabilities/74367
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15476
http://osvdb.org/81131
http://secunia.com/advisories/48787
http://www.securityfocus.com/bid/52903
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1026909
Third Party Advisory
VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-026
https://exchange.xforce.ibmcloud.com/vulnerabilities/74367
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15476

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:forefront_unified_access_gateway:2010:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:forefront_unified_access_gateway:2010:sp1_update1:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.25126

Средний

5.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-3chf-r576-v3g8

github

почти 4 года назад