CVE-2011-1826: Input Validation
First published: Wed May 04 2011(Updated: )
Open redirect vulnerability in the Administrative Console in CA Arcot WebFort Versatile Authentication Server (VAS) before 6.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CA Arcot WebFort Versatile Authentication Server | <=6.2.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/44317
- http://osvdb.org/72125
- http://www.securityfocus.com/bid/47588
- http://www.securitytracker.com/id?1025444
- http://www.vupen.com/english/advisories/2011/1114
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67105
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={A71F5839-D214-4719-B918-4476E4537998}
- http://www.securityfocus.com/archive/1/517702/100/0/threaded
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BA71F5839-D214-4719-B918-4476E4537998%7D
Frequently Asked Questions
What is the severity of CVE-2011-1826?
CVE-2011-1826 is considered a high-severity vulnerability due to its potential for phishing attacks.
How do I fix CVE-2011-1826?
To fix CVE-2011-1826, upgrade the CA Arcot WebFort Versatile Authentication Server to version 6.2.5 or later.
What type of vulnerability is CVE-2011-1826?
CVE-2011-1826 is an open redirect vulnerability that allows attackers to redirect users to malicious websites.
Who is affected by CVE-2011-1826?
CVE-2011-1826 affects users of CA Arcot WebFort Versatile Authentication Server versions prior to 6.2.5.
What impact can CVE-2011-1826 have on users?
CVE-2011-1826 can result in users being redirected to phishing sites, compromising their security and sensitive information.
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/severity
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- collector/nvd-api
- vendor/ca
- canonical/ca arcot webfort versatile authentication server
- version/ca arcot webfort versatile authentication server/6.2.4