Back to search
CVE-2018-12571
Published: Jul 5, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20180702 Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction
mailing-list
x_refsource_FULLDISC
1041212
vdb-entry
x_refsource_SECTRACK
20180702 Re: Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now