exploitDog

CVE-2016-2989

Опубликовано: 08 авг. 2016

Источник: nvd

CVSS3: 6.5

CVSS2: 5.8

EPSS Низкий

Описание

Open redirect vulnerability in the Connections Portlets component 5.x before 5.0.2 for IBM WebSphere Portal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Ссылки

http://www-01.ibm.com/support/docview.wss?uid=swg21986393
Patch
Vendor Advisory
http://www.securityfocus.com/bid/92344
http://www.securitytracker.com/id/1036498
http://www-01.ibm.com/support/docview.wss?uid=swg21986393
Patch
Vendor Advisory
http://www.securityfocus.com/bid/92344
http://www.securitytracker.com/id/1036498

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibm:connections_portlets:5.0:*:*:*:*:websphere_portal:*:*

EPSS

Процентиль: 45%

0.0022

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

GHSA-w2f5-3xh5-32r7

CVSS3: 6.5

github

больше 3 лет назад

Open redirect vulnerability in the Connections Portlets component 5.x before 5.0.2 for IBM WebSphere Portal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

EPSS

Процентиль: 45%

0.0022

Низкий

6.5 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-284