CVE-2014-0845

Опубликовано: 04 мар. 2014

Источник: nvd

CVSS2: 4.9

EPSS Низкий

Описание

Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:3.0.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_requirements_composer:4.0.5:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:ibm:rational_doors_next_generation:4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_doors_next_generation:4.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_doors_next_generation:4.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_doors_next_generation:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_doors_next_generation:4.0.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:rational_doors_next_generation:4.0.5:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.0016

Низкий

4.9 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-3mgv-rw6h-g4mm

github

больше 3 лет назад