Open Redirect Vulnerability in IBM Curam Social Program Management
CVE-2018-1654
6.8MEDIUM
Summary
The vulnerability in IBM Curam Social Program Management allows remote attackers to exploit open redirects to conduct phishing attacks. By luring users to specially crafted URLs, attackers can spoof legitimate web addresses, leading users to malicious sites disguised as trusted platforms. This vulnerability presents significant risks as it can result in sensitive information leakage and pave the way for further malicious activities against unsuspecting victims.
Affected Version(s)
Curam Social Program Management 6.0.5
Curam Social Program Management 6.1.1
Curam Social Program Management 6.2.0
References
CVSS V3.1
Score:
6.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved