Open Redirect Vulnerability in IBM Jazz for Service Management
CVE-2019-4201
7.4 HIGH
Summary
IBM Jazz for Service Management versions 1.1.3, 1.1.3.1, and 1.1.3.2 contain an open redirect vulnerability that attackers could exploit to manipulate users into visiting malicious websites. A remote attacker can spoof a legitimate URL so that an unsuspecting user is sent to an untrusted site that appears to be trusted. This can facilitate phishing attacks that capture sensitive information or lead to further attacks against victims.
Affected Version(s)
Jazz for Service Management 1.1.3
Jazz for Service Management 1.1.3.1
Jazz for Service Management 1.1.3.2
CVSS V3.1
Score: 7.4
Severity: HIGH
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Timeline
Vulnerability published
Vulnerability Reserved