CVE-2011-4818

Sažetak

Open redirect vulnerability in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the uisessionid parameter to an unspecified component.

Reference

http://secunia.com/advisories/48299
http://www.ibm.com/support/docview.wss?uid=swg21584666
http://www.securityfocus.com/bid/52333
http://www-01.ibm.com/support/docview.wss?uid=swg1IV09200
https://exchange.xforce.ibmcloud.com/vulnerabilities/72006

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

10-01-2018 - 02:29

Objavljeno

13-03-2012 - 03:12