Lucene search

[email protected]CVE-2011-1897

HistoryOct 12, 2011 - 2:52 a.m.

CVE-2011-1897

2011-10-1202:52:43

CWE-79

[email protected]

web.nvd.nist.gov

cve-2011-1897

cross-site scripting

xss

microsoft

forefront unified access gateway

uag

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.1 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.1%

JSON

Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka “Default Reflected XSS Vulnerability.”

Affected configurations

NVD

Node

microsoftforefront_unified_access_gatewayMatch2010

microsoftforefront_unified_access_gatewayMatch2010sp1

microsoftforefront_unified_access_gatewayMatch2010update1

microsoftforefront_unified_access_gatewayMatch2010update2

CPENameOperatorVersion
microsoft:forefront_unified_access_gatewaymicrosoft forefront unified access gatewayeq2010

CPE	Name	Operator	Version
microsoft:forefront_unified_access_gateway	microsoft forefront unified access gateway	eq	2010

References

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-079

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13039

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.1 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.1%

JSON

Related for CVE-2011-1897

checkpoint_advisories3 symantec1 cvelist1 nvd1 prion1 openvas2 mskb1 nessus1