Open Redirect Vulnerability in IBM Content Navigator
CVE-2019-4092

6.8MEDIUM

Key Information:

Vendor: IBM
Status: Content Navigator
Vendor: CVE Published:; 25 April 2019

Summary

The vulnerability in IBM Content Navigator allows attackers to manipulate URLs and redirect users to malicious websites. By enticing victims to click on a specially-crafted link, a remote attacker could leverage this open redirect to spoof legitimate URLs, compromising user trust. This could lead to the disclosure of sensitive information or facilitate further cyberattacks, posing significant risks to users and organizations alike.

Affected Version(s)

Content Navigator 2.0.3

Content Navigator 3.0CD

References

http://www.ibm.com/support/docview.wss?uid=ibm10874754

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/157654

vdb-entryx_refsource_XF

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 25, 2019
Vulnerability Reserved
Jan 3, 2019