5.8
CVE-2012-0146
- EPSS 11%
- Veröffentlicht 10.04.2012 21:55:01
- Zuletzt bearbeitet 16.06.2026 23:36:47
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Forefront Unified Access Gateway Version2010 Updatesp1
Microsoft ≫ Forefront Unified Access Gateway Version2010 Updatesp1_update1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 11% | 0.953 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://osvdb.org/81131
http://secunia.com/advisories/48787
http://www.securityfocus.com/bid/52903
http://www.securitytracker.com/id?1026909
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-026
https://exchange.xforce.ibmcloud.com/vulnerabilities/74367
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15476