Vulnerability Description
Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the Location parameter.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Secure Access | 6.5 |
Related Weaknesses (CWE)
References
- http://osvdb.org/65289Exploit
- http://secunia.com/advisories/40117Vendor Advisory
- http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-
- http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-17Exploit
- http://www.securityfocus.com/archive/1/511775/100/0/threaded
- http://www.securityfocus.com/bid/40729
- http://www.vupen.com/english/advisories/2010/1420Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59284
- http://osvdb.org/65289Exploit
- http://secunia.com/advisories/40117Vendor Advisory
- http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-
- http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-17Exploit
- http://www.securityfocus.com/archive/1/511775/100/0/threaded
- http://www.securityfocus.com/bid/40729
- http://www.vupen.com/english/advisories/2010/1420Vendor Advisory
FAQ
What is CVE-2010-2289?
CVE-2010-2289 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 (Build 14599) and 6.5R2 (Build 14951) allows remote attackers to redirect users to arbitrary web sites and conduct p...
How severe is CVE-2010-2289?
CVE-2010-2289 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-2289?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Secure Access.