CVE-2014-0845

Sažetak

Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

Reference

http://www.securityfocus.com/bid/65916
http://www-01.ibm.com/support/docview.wss?uid=swg21664412
https://exchange.xforce.ibmcloud.com/vulnerabilities/90719

CVSS

Base:	4.9
Impact:	4.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:P/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:34

Objavljeno

04-03-2014 - 22:55