Open Redirect Vulnerability in IBM InfoSphere Information Governance Catalog
CVE-2018-1875

7.4HIGH

Key Information:

Vendor
IBM
Status
Infosphere Information Governance Catalog
Infosphere Information Server On Cloud
Vendor
CVE Published:
5 March 2019

Summary

The InfoSphere Information Governance Catalog from IBM contains an open redirect vulnerability that could be exploited by remote attackers. By tricking users into visiting malicious websites, attackers can manipulate the URL displayed in the user's browser, leading to phishing attacks. This vulnerability allows attackers to gain sensitive information by redirecting users to sites that appear to be trusted, making it imperative for users to remain vigilant and for organizations to apply security patches promptly.

Affected Version(s)

InfoSphere Information Governance Catalog 11.3

InfoSphere Information Governance Catalog 11.5

InfoSphere Information Governance Catalog 11.7

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/151639
vdb-entryx_refsource_XF
http://www.ibm.com/support/docview.wss?uid=ibm10738911
x_refsource_CONFIRM

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.