Open Redirect Vulnerability in IBM iNotes Affects Remote User Safety
CVE-2013-0594

6.1MEDIUM

Key Information:

Vendor: IBM
Status: Inotes
Vendor: CVE Published:; 11 July 2018

Summary

An open redirect vulnerability exists in IBM iNotes prior to version 8.5.3 Fix Pack 6 and 9.x before 9.0.1. This vulnerability allows attackers to exploit the weaknesses in the URL redirection mechanism, enabling them to redirect users to malicious websites. Such actions can facilitate phishing attacks, endangering user data and security by tricking individuals into revealing sensitive information. The exploit occurs through unspecified vectors which can be utilized by malicious parties to manipulate web traffic, highlighting the importance of updating systems to mitigate risks associated with this vulnerability.

References

https://www-01.ibm.com/support/docview.wss?uid=swg21671622

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/83383

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jul 11, 2018
Vulnerability Reserved
Dec 16, 2012