Lucene search

K
cve[email protected]CVE-2014-8489
HistoryDec 12, 2014 - 3:59 p.m.

CVE-2014-8489

2014-12-1215:59:10
web.nvd.nist.gov
32
vulnerability
open redirect
pingfederate
cve-2014-8489
nvd

6.8 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

71.8%

Open redirect vulnerability in startSSO.ping in the SP Endpoints in Ping Identity PingFederate 6.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the TargetResource parameter.

Affected configurations

NVD
Node
pingidentitypingfederateMatch6.10.1

6.8 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

71.8%

Related for CVE-2014-8489