CVE Vulnerabilities

CVE-2000-0850

Published: Nov 14, 2000 | Modified: Apr 03, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending $/FILENAME.ext (where ext is .ccc, .class, or .jpg) to the requested URL.

Affected Software

Name Vendor Start Version End Version
Siteminder Netegrity 3.6 (including) 3.6 (including)
Siteminder Netegrity 4.0 (including) 4.0 (including)

References