Open Redirect Vulnerability in IBM WebSphere Commerce Products
CVE-2017-1398

6.1 MEDIUM

Key Information:

Vendor: IBM
CVE Published: 10 July 2017

Summary

IBM WebSphere Commerce in its various editions is susceptible to an open redirect vulnerability that could be exploited by remote attackers. By tricking users into clicking on deceptive links, attackers can redirect victims to malicious sites that impersonate trusted domains. This manipulation can lead to the exposure of sensitive information and enable subsequent attacks, posing a significant risk for users and their data. Organizations utilizing IBM WebSphere Commerce should prioritize addressing this issue to bolster their security posture.

Affected Version(s)

WebSphere Commerce Enterprise 6.0

WebSphere Commerce Enterprise 7.0

WebSphere Commerce Enterprise 8.0

CVSS V3.1

Score: 6.1
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved