Open redirect

2019-03-0518:29:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.7%

JSON

IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 151639.

CPENameOperatorVersion
infosphere_information_governance_catalogeq11.3
infosphere_information_governance_catalogeq11.5
infosphere_information_governance_catalogeq11.7
infosphere_information_server_on_cloudeq11.5
infosphere_information_server_on_cloudeq11.7

Name	Operator	Version
infosphere_information_governance_catalog	eq	11.3
infosphere_information_governance_catalog	eq	11.5
infosphere_information_governance_catalog	eq	11.7
infosphere_information_server_on_cloud	eq	11.5
infosphere_information_server_on_cloud	eq	11.7