Open Redirect Vulnerability in IBM Cloud Orchestrator
CVE-2016-0204
6.8 MEDIUM
Summary
An open redirect vulnerability exists in IBM Cloud Orchestrator versions prior to 2.4.0 FP3, allowing remote authenticated users to redirect unsuspecting users to malicious websites. This can facilitate phishing attacks, putting sensitive information at risk. Proper validation of redirect URLs is essential to mitigate exploitation.
References
CVSS V3.1
Score: 6.8
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed
Timeline
Vulnerability published
Vulnerability reserved