Open Redirect Vulnerability in IBM Security Directory Server 6.4.0
CVE-2019-4538
7.4HIGH
Summary
IBM Security Directory Server 6.4.0 is susceptible to an open redirect vulnerability that allows remote attackers to conduct phishing attacks. By manipulating URLs, an attacker can deceive a victim into visiting a malicious site that masquerades as a trusted domain. This technique not only enables URL spoofing but also compromises sensitive information and facilitates further attacks against the victim. Organizations using this version of the server need to implement security measures to mitigate potential threats stemming from this vulnerability.
Affected Version(s)
Security Directory Server 6.4.0
References
CVSS V3.1
Score:
7.4
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved