5.8

CVE-2012-0146

Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "UAG Blind HTTP Redirect Vulnerability."

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftForefront Unified Access Gateway Version2010 Updatesp1
MicrosoftForefront Unified Access Gateway Version2010 Updatesp1_update1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 25.13% 0.957
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:P/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securityfocus.com/bid/52903
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1026909
Third Party Advisory
VDB Entry