Описание
IBM Content Navigator 3.0CD could allow attackers to direct web traffic to a malicious site. If attackers make a fake IBM Content Navigator site, they can send a link to ICN users to send request to their Edit client directly. Then Edit client will download documents from the fake ICN website. IBM X-Force ID: 156001.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- VDB EntryVendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:ibm:content_navigator:3.0.0:*:*:*:continuous_delivery:*:*:*
EPSS
Процентиль: 33%
0.00126
Низкий
6.3 Medium
CVSS3
5.4 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 5.4
github
больше 3 лет назад
IBM Content Navigator 3.0CD could allow attackers to direct web traffic to a malicious site. If attackers make a fake IBM Content Navigator site, they can send a link to ICN users to send request to their Edit client directly. Then Edit client will download documents from the fake ICN website. IBM X-Force ID: 156001.
EPSS
Процентиль: 33%
0.00126
Низкий
6.3 Medium
CVSS3
5.4 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-601