Open Redirect Vulnerability in IBM FileNet Workplace by IBM
CVE-2016-3047

6.8MEDIUM

Key Information:

Vendor: IBM
Status: Filenet Workplace
Vendor: CVE Published:; 1 December 2016

Summary

An open redirect vulnerability exists in IBM FileNet Workplace versions 4.0.2 through 4.0.2.14 IF001, allowing remote authenticated users to manipulate redirects and send unsuspecting users to arbitrary websites. This flaw can facilitate phishing attacks as attackers can exploit the redirect functionality to create misleading links that appear legitimate, posing significant risks to user security and data integrity.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21987126

x_refsource_CONFIRM

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 1, 2016
Vulnerability Reserved
Mar 9, 2016