Open Redirect Vulnerability in IBM WebSphere Commerce Products
CVE-2017-1398
6.1 MEDIUM
Summary
IBM WebSphere Commerce in its various editions is susceptible to an open redirect vulnerability that could be exploited by remote attackers. By tricking users into clicking on deceptive links, attackers can redirect victims to malicious sites that impersonate trusted domains. This manipulation can lead to the exposure of sensitive information and enable subsequent attacks, posing a significant risk for users and their data. Organizations utilizing IBM WebSphere Commerce should prioritize addressing this issue to bolster their security posture.
Affected Version(s)
WebSphere Commerce Enterprise 6.0
WebSphere Commerce Enterprise 7.0
WebSphere Commerce Enterprise 8.0
CVSS V3.1
Score: 6.1
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Timeline
Vulnerability published
Vulnerability Reserved