CVE-2005-10001

Name of the Vulnerable Software and Affected Versions Netegrity SiteMinder versions up to 4.5.1

Description A critical issue was found in the Login component, specifically affecting the file /siteminderagent/pwcgi/smpwservicescgi.exe. The manipulation of the target argument leads to an open redirect. This issue may be exploited as the details have been publicly disclosed. It is noted that this issue only affects products that are no longer supported by the maintainer.

Recommendations For versions up to 4.5.1, consider disabling the target argument in the affected file /siteminderagent/pwcgi/smpwservicescgi.exe as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.