Open Redirect Vulnerability in IBM iNotes Affects Remote User Safety
CVE-2013-0594

6.1MEDIUM

Key Information:

Vendor
IBM
Status
Vendor
CVE Published:
11 July 2018

Summary

An open redirect vulnerability exists in IBM iNotes prior to version 8.5.3 Fix Pack 6 and 9.x before 9.0.1. This vulnerability allows attackers to exploit the weaknesses in the URL redirection mechanism, enabling them to redirect users to malicious websites. Such actions can facilitate phishing attacks, endangering user data and security by tricking individuals into revealing sensitive information. The exploit occurs through unspecified vectors which can be utilized by malicious parties to manipulate web traffic, highlighting the importance of updating systems to mitigate risks associated with this vulnerability.

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.