IBM WebSphere Application Server (WAS) Liberty, as used in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21989205 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/92986 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2016-09-26 04:59
Updated : 2024-02-04 18:53
NVD link : CVE-2016-3040
Mitre link : CVE-2016-3040
CVE.ORG link : CVE-2016-3040
JSON object : View
Products Affected
ibm
- security_privileged_identity_manager_virtual_appliance
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')