This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.
A web application on the remote Windows host has multiple
The version of Forefront Unified Access Gateway (UAG) running on the
remote host has multiple vulnerabilities :
- A spoofing vulnerability that could allow an attacker to
redirect a victim to a malicious website. An attacker
would have to trick the victim into clicking a specially
crafted link in order to trigger the vulnerability.
- A flaw that could allow an unauthenticated user to
access the default website of the UAG server from the
external network. (CVE-2012-0147)
See also :
Microsoft has released a set of patches for UAG 2010 SP1 and UAG 2010
SP 1 Update 1.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 58658 ()
Bugtraq ID: 5290352909
CVE ID: CVE-2012-0146CVE-2012-0147
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.