Open Redirect Vulnerability in IBM Tivoli Federated Identity Manager and Business Gateway
CVE-2013-5431

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Federated Identity Manager
Vendor: CVE Published:; 1 November 2013

Summary

An open redirect vulnerability exists in IBM Tivoli Federated Identity Manager and Tivoli Federated Identity Manager Business Gateway, which allows remote attackers to manipulate URLs. This flaw enables attackers to redirect unsuspecting users to arbitrary websites, potentially facilitating phishing attacks and compromising user data. The issue affects specific versions of both products, making it critical for users to apply recommended updates to mitigate risks associated with this vulnerability.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21654114

x_refsource_CONFIRM

http://www.kb.cert.org/vuls/id/596990

third-party-advisoryx_refsource_CERT-VN

https://exchange.xforce.ibmcloud.com/vulnerabilities/87616

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Nov 1, 2013
Vulnerability Reserved
Aug 22, 2013