Open Redirect Vulnerability in IBM WebSphere Portal
CVE-2016-2989

6.5MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
8 August 2016

Summary

The Connections Portlets component in IBM WebSphere Portal versions prior to 5.0.2 is susceptible to an open redirect vulnerability. This flaw permits remote attackers to redirect users to arbitrary external websites, potentially enabling them to execute phishing attacks. Attackers can exploit this issue through unspecified vectors, which may compromise user trust and lead to unauthorized access to sensitive information. Organizations using affected versions are advised to upgrade to the latest version to mitigate this risk.

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.