Open Redirect Vulnerability in IBM Tivoli Endpoint Manager
CVE-2017-1223

6.1MEDIUM

Key Information:

Vendor

IBM
Status
Bigfix Family
Vendor
CVE Published:
19 July 2017

What is CVE-2017-1223?

IBM Tivoli Endpoint Manager is susceptible to an open redirect vulnerability, enabling remote attackers to execute phishing schemes. By tricking victims into visiting a maliciously crafted website, attackers can exploit this flaw to manipulate the displayed URL, creating a deceptive appearance of trust. This manipulation can lead to the theft of sensitive information or facilitate further attacks against the targeted users. For detailed insights, refer to IBM's official security documentation and the X-Force database.

Affected Version(s)

BigFix family 9.2

BigFix family 9.5

References

http://www.securityfocus.com/bid/99916
vdb-entryx_refsource_BID
http://www.ibm.com/support/docview.wss?uid=swg22005246
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/123902
x_refsource_MISC

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.