Lucene search

K
cve[email protected]CVE-2014-8489
HistoryDec 12, 2014 - 3:59 p.m.

CVE-2014-8489

2014-12-1215:59:10
web.nvd.nist.gov
32
vulnerability
open redirect
pingfederate
cve-2014-8489
nvd

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.8%

Open redirect vulnerability in startSSO.ping in the SP Endpoints in Ping Identity PingFederate 6.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the TargetResource parameter.

Affected configurations

NVD
Node
pingidentitypingfederateMatch6.10.1

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.8%

Related for CVE-2014-8489