Lucene search

K
cve[email protected]CVE-2008-0241
HistoryJan 11, 2008 - 10:46 p.m.

CVE-2008-0241

2008-01-1122:46:00
CWE-20
web.nvd.nist.gov
23
cve-2008-0241
open redirect vulnerability
sun java system identity manager
remote attackers
phishing attacks

6.7 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.007 Low

EPSS

Percentile

81.0%

Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.

Affected configurations

NVD
Node
sunjava_system_identity_managerMatch6.0sp1
OR
sunjava_system_identity_managerMatch6.0sp2
OR
sunjava_system_identity_managerMatch6.0sp3
OR
sunjava_system_identity_managerMatch7.0
OR
sunjava_system_identity_managerMatch7.1

6.7 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

0.007 Low

EPSS

Percentile

81.0%

Related for CVE-2008-0241