Open Redirect Vulnerability in IBM Cloud Private
CVE-2018-1939

6.8MEDIUM

Key Information:

Vendor

IBM
Status
Cloud Private
Vendor
CVE Published:
5 March 2019

What is CVE-2018-1939?

An open redirect vulnerability exists in IBM Cloud Private 3.1.1 that could be exploited by remote attackers to perform phishing attacks. By luring victims to a specially-crafted website, attackers can manipulate URLs displayed in the address bar, misleading users into thinking they are visiting a trusted site. This deception could lead to unauthorized disclosure of sensitive information or facilitate subsequent attacks targeting the victim. For more information, refer to IBM's documentation and security advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cloud Private 3.1.1

References

http://www.securityfocus.com/bid/107302
vdb-entryx_refsource_BID
https://www.ibm.com/support/docview.wss?uid=ibm10871652
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/153319
vdb-entryx_refsource_XF

CVSS V3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.