Open Redirect Vulnerability in IBM InfoSphere BigInsights
CVE-2013-3997

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Biginsights
Vendor: CVE Published:; 26 March 2014

What is CVE-2013-3997?

An open redirect vulnerability exists in the Web Application Enterprise Console of IBM InfoSphere BigInsights versions 1.1 and 2.x prior to 2.1 FP2. This flaw enables remote authenticated users to redirect unsuspecting users to arbitrary websites, opening the door to potential phishing attacks. Attackers can exploit this vulnerability through various unspecified vectors, compromising the user's trust and potentially leading to unauthorized access or data theft.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21667812

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/84986

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/66360

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2014
Vulnerability Reserved
Jun 7, 2013