Lucene search
China National Vulnerability DatabaseCNVD-2022-61904HistorySep 01, 2022 - 12:00 a.m.
IBM Security Identity Manager open redirection vulnerability
2022-09-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
ibm security identity manager
open redirection vulnerability
user privileges
policy-based password management
exploitation
cnvd
0.001 Low
EPSS
Percentile
36.3%
IBM Security Identity Manager (ISIM) is a suite of identity management and governance solutions from IBM of America. The solution automates the creation, modification, re-authentication and termination of user privileges throughout the user lifecycle and supports policy-based password management. IBM Security Identity Manager versions 6.0.0 and 6.0.2 contain an open redirection vulnerability that stems from the system’s failure to reasonably handle target hops, which can be exploited by an attacker to An attacker could exploit the vulnerability to redirect users to a malicious website that appears to be trusted.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm ibm security identity manager | eq | 6.0.0 | |
| ibm security identity manager | eq | 6.0.2 |
Related
cve
cve
CVE-2021-29864
2022-08-30 19:15:08
ibm
ibm
nvd
nvd
CVE-2021-29864
2022-08-30 19:15:08
prion
prion
Open redirect
2022-08-30 19:15:00
cvelist
cvelist
CVE-2021-29864
2022-08-29 00:00:00