ReportizFlow
Filtered by vendor Netegrity
Subscriptions
Filtered by product Siteminder
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1312 | 1 Netegrity | 1 Siteminder | 2024-11-21 | N/A |
| siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of the SMSESSION parameter in a URL, which might allow remote attackers to obtain the ID by sniffing, reading Referer logs, or other methods. | ||||
| CVE-2003-1311 | 1 Netegrity | 1 Siteminder | 2024-11-21 | N/A |
| siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter. | ||||
| CVE-2001-1455 | 1 Netegrity | 1 Siteminder | 2024-11-21 | N/A |
| Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters. | ||||
| CVE-2000-0850 | 1 Netegrity | 1 Siteminder | 2024-11-21 | N/A |
| Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL. | ||||
Page 1 of 1.