Open Redirect Vulnerability in IBM Tivoli Federated Identity Manager
CVE-2014-3097

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Federated Identity Manager
Vendor: CVE Published:; 2 October 2014

What is CVE-2014-3097?

The vulnerability in IBM Tivoli Federated Identity Manager allows remote attackers to exploit an open redirect flaw, enabling them to redirect users to unauthorized websites. This issue primarily poses a risk of phishing attacks, where for users mistakenly clicking on malicious links, their sensitive information could be compromised.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IV64511

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg1IV64349

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg1IV64512

vendor-advisoryx_refsource_AIXAPAR

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 2, 2014
Vulnerability Reserved
Apr 29, 2014