Microsoft Forefront Unified Access Gateway — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Forefront Unified Access Gateway, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2018-12571 — CVSS 9.8 (critical): uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS…
CVE-2011-1969 — CVSS 9.3 (critical): Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 provides the MicrosoftClient.jar file containing a…
CVE-2010-2732 — CVSS 5.8 (medium): Open redirect vulnerability in the web interface in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010…
CVE-2012-0146 — CVSS 5.8 (medium): Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 allows remote attackers to…
CVE-2012-0147 — CVSS 5.0 (medium): Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 does not properly configure the default web site, which allows…
CVE-2011-2012 — CVSS 5.0 (medium): Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which…
CVE-2011-1897 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows…
CVE-2010-2734 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the mobile portal in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1…
CVE-2010-2733 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Web Monitor in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1…
CVE-2011-1895 — CVSS 4.3 (medium): CRLF injection vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote…
CVE-2010-3936 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and…
CVE-2011-1896 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows…