CVE-2008-5117

EPSS 1.26%
Published 18.11.2008 00:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Open redirect vulnerability in Sun Java System Identity Manager 6.0 through 6.0 SP4, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected products Warnungen 0 Metrics 2 CWE 1 References 10

Data is provided by the National Vulnerability Database (NVD)

Sun ≫ Java System Identity Manager Version6.0

Sun ≫ Java System Identity Manager Version6.0 Updatesp1

Sun ≫ Java System Identity Manager Version6.0 Updatesp2

Sun ≫ Java System Identity Manager Version6.0 Updatesp3

Sun ≫ Java System Identity Manager Version6.0 Updatesp4

Sun ≫ Java System Identity Manager Version7.0

Sun ≫ Java System Identity Manager Version7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.26%	0.775

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:N/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/32606

Vendor Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-243386-1

Patch

Vendor Advisory

http://www.securityfocus.com/bid/32262

http://www.securitytracker.com/id?1021170

http://www.vupen.com/english/advisories/2008/3128

http://osvdb.org/49768

https://exchange.xforce.ibmcloud.com/vulnerabilities/46556

https://nvd.nist.gov/vuln/detail/CVE-2008-5117

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-5117

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-5117

EUVD