CVE-2008-0241

Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
sunjava_system_identity_manager
6.0:sp1
sunjava_system_identity_manager
6.0:sp2
sunjava_system_identity_manager
6.0:sp3
sunjava_system_identity_manager
7.0
sunjava_system_identity_manager
7.1
𝑥
= Vulnerable software versions