CVE-2010-2289

Exploit

EPSS 0.59%
Published 15.06.2010 14:04:26
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Location parameter.

Affected products Warnungen 0 Metrics 2 CWE 1 References 11

Data is provided by the National Vulnerability Database (NVD)

Juniper ≫ Secure Access Version6.5 Updater1.0

Juniper ≫ Secure Access Version6.5 Updater2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.59%	0.666

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2010-05-751&viewMode=view

http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-17

Exploit

http://www.securityfocus.com/archive/1/511775/100/0/threaded

http://osvdb.org/65289

Exploit

http://secunia.com/advisories/40117

Vendor Advisory

http://www.securityfocus.com/bid/40729

http://www.vupen.com/english/advisories/2010/1420

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/59284

https://nvd.nist.gov/vuln/detail/CVE-2010-2289

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-2289

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-2289

EUVD