CVE-2008-5550

3 documents3 sources

Severity

4.3MEDIUM

EPSS

0.5%

top 34.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Java WEB Console SUN Solaris SUN Sunos

Timeline

PublishedDec 12

Latest updateMay 14

Description

Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

▶NVDsun/java_web_console4 versions+3

▶NVDsun/solaris10

▶NVDsun/sunos5.10

Patches

Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-m95g-vf62-j7fh: Open redirect vulnerability in console/faces/jsp/login/BeginLogin↗2022-05-14

▶

CVEList

CVE-2008-5550: Open redirect vulnerability in console/faces/jsp/login/BeginLogin↗2008-12-12

▶