CVE-2010-2289
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
79.5%
Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Location parameter.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| juniper | secure_access | 6.5 | cpe:2.3:a:juniper:secure_access:6.5:r1.0:*:*:*:*:*:* |
| juniper | secure_access | 6.5 | cpe:2.3:a:juniper:secure_access:6.5:r2.0:*:*:*:*:*:* |
References
osvdb.org/65289
secunia.com/advisories/40117
www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2010-05-751&viewMode=view
www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-17
www.securityfocus.com/archive/1/511775/100/0/threaded
www.securityfocus.com/bid/40729
www.vupen.com/english/advisories/2010/1420
exchange.xforce.ibmcloud.com/vulnerabilities/59284
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
79.5%