CVE-2011-1826

{"id": "CVE-2011-1826", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2011-05-05T13:22:16.637", "references": [{"url": "http://osvdb.org/72125", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/44317", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/517702/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/47588", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1025444", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/1114", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67105", "source": "cve@mitre.org"}, {"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BA71F5839-D214-4719-B918-4476E4537998%7D", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Open redirect vulnerability in the Administrative Console in CA Arcot WebFort Versatile Authentication Server (VAS) before 6.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de redirecci\u00f3n abierta en Administrative Console en CA Arcot WebFort Versatile Authentication Server (VAS)anterioes a v6.2.5, permite a atacantes remotos redireccionar a usuarios a sitios web de su elecci\u00f3n y llevar a cabo ataques de phishing a trav\u00e9s de vectores no especificados."}], "lastModified": "2023-11-07T02:07:14.737", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ca:arcot_webfort_versatile_authentication_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50C51856-1D1E-47CB-BB38-1DA7C24D0784", "versionEndIncluding": "6.2.4"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}