Microsoft » Forefront Unified Access Gateway : Security Vulnerabilities, CVEs, CVSS score >= 7

CVE-2018-12571

uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome.
Max CVSS
9.8
EPSS Score
3.63%
Published
2018-07-05
Updated
2018-09-04

CVE-2011-1969

Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a signed Java applet, which allows remote attackers to execute arbitrary code on client machines via unspecified vectors, aka "Poisoned Cup of Code Execution Vulnerability."
Max CVSS
9.3
EPSS Score
49.67%
Published
2011-10-12
Updated
2018-10-12
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close