Open Redirect Vulnerability in IBM InfoSphere Information Governance Catalog
CVE-2018-1875
7.4HIGH
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 5 March 2019
Summary
The InfoSphere Information Governance Catalog from IBM contains an open redirect vulnerability that could be exploited by remote attackers. By tricking users into visiting malicious websites, attackers can manipulate the URL displayed in the user's browser, leading to phishing attacks. This vulnerability allows attackers to gain sensitive information by redirecting users to sites that appear to be trusted, making it imperative for users to remain vigilant and for organizations to apply security patches promptly.
Affected Version(s)
InfoSphere Information Governance Catalog 11.3
InfoSphere Information Governance Catalog 11.5
InfoSphere Information Governance Catalog 11.7
References
CVSS V3.1
Score:
7.4
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved