CVE-2011-1826

Published: May 5, 2011Modified: Apr 29, 2026

5.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability: 8.6 / Impact: 4.9

Source: NVD

Description

Open redirect vulnerability in the Administrative Console in CA Arcot WebFort Versatile Authentication Server (VAS) before 6.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected (1)

Products: Ca: Arcot Webfort Versatile Authentication Server

1 product

Arcot Webfort Versatile Authentication Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ca Arcot Webfort Versatile Authentication Server	Up to 6.2.4

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (16)

http://osvdb.org/72125

Source: cve@mitre.org

http://secunia.com/advisories/44317

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/517702/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/47588

Source: cve@mitre.org

http://www.securitytracker.com/id?1025444

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2011/1114

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/67105

Source: cve@mitre.org

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BA71F5839-D214-4719-B918-4476E4537998%7D

Source: cve@mitre.org

http://osvdb.org/72125