Lucene search

[email protected]CVE-2010-3473

HistoryOct 03, 2022 - 4:20 p.m.

CVE-2010-3473

2022-10-0316:20:55

CWE-20

[email protected]

web.nvd.nist.gov

cve-2010-3473

open redirect

workplace

wp component

ibm filenet

p8ae

phishing

vulnerability

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.6%

JSON

Open redirect vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected configurations

NVD

Node

ibmfilenet_p8_application_engineMatch3.5.1

ibmfilenet_p8_application_engineMatch3.5.1001

ibmfilenet_p8_application_engineMatch3.5.1002

ibmfilenet_p8_application_engineMatch3.5.1003

ibmfilenet_p8_application_engineMatch3.5.1004

ibmfilenet_p8_application_engineMatch3.5.1005

ibmfilenet_p8_application_engineMatch3.5.1006

ibmfilenet_p8_application_engineMatch3.5.1007

ibmfilenet_p8_application_engineMatch3.5.1008

ibmfilenet_p8_application_engineMatch3.5.1009

ibmfilenet_p8_application_engineMatch3.5.1010

ibmfilenet_p8_application_engineMatch3.5.1011

ibmfilenet_p8_application_engineMatch3.5.1012

ibmfilenet_p8_application_engineMatch3.5.1013

ibmfilenet_p8_application_engineMatch3.5.1014

ibmfilenet_p8_application_engineMatch3.5.1015

ibmfilenet_p8_application_engineMatch3.5.1016

ibmfilenet_p8_application_engineMatch3.5.1017

ibmfilenet_p8_application_engineMatch3.5.1018

ibmfilenet_p8_application_engineMatch3.5.1019

ibmfilenet_p8_application_engineMatch3.5.1020

CPENameOperatorVersion
ibm:filenet_p8_application_engineibm filenet p8 application engineeq3.5.1

CPE	Name	Operator	Version
ibm:filenet_p8_application_engine	ibm filenet p8 application engine	eq	3.5.1

References

download2.boulder.ibm.com/sar/CMA/IMA/00yrk/0/readme-ae351-021.htm

secunia.com/advisories/41458

www-01.ibm.com/support/docview.wss?uid=swg1PJ37180

www.securityfocus.com/bid/43272

www.vupen.com/english/advisories/2010/2419

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.6%

JSON

Related for CVE-2010-3473

nvd1 prion1 cvelist1