Open Redirect Vulnerability in IBM Cloud Orchestrator
CVE-2016-0204

6.8MEDIUM

Key Information:

Vendor

IBM
Status
Cloud Orchestrator
Vendor
CVE Published:
16 October 2016

What is CVE-2016-0204?

An open redirect vulnerability exists in IBM Cloud Orchestrator versions prior to 2.4.0 FP3, allowing remote authenticated users to redirect unsuspecting users to malicious websites. This can facilitate phishing attacks, putting sensitive information at risk. Proper validation of redirect URLs is essential to mitigate exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www-01.ibm.com/support/docview.wss?uid=swg2C1000124
x_refsource_CONFIRM
http://www.securityfocus.com/bid/93512
vdb-entryx_refsource_BID

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.