2 matches found
Security Bulletin: Tivoli Federated Identity Manager and Tivoli Federated Identity Manager Business Gateway redirect to an insufficiently validated URL (CVE-2013-5431)
Abstract Under certain conditions, IBM Tivoli Federated Identity Manager TFIM/ IBM Tivoli Federated Identity Manager Business Gateway TFIMBG could send a redirect to a URL provided by an external client without performing sufficient validation of the URL Content VULNERABILITY DETAILS: CVE ID:...
CVE-2013-5431
CVE-2013-5431 describes an open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) and TFIMBG . Affected TFIM versions: 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, 6.2.2 before IF 8; TFIMBG: 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, 6.2.2 before IF 8. The flaw allows a...