Lucene search

IbmCVE-2016-3047

HistoryDec 01, 2016 - 11:59 a.m.

CVE-2016-3047

2016-12-0111:59:08

CWE-601

ibm

web.nvd.nist.gov

cve-2016-3047

ibm

filenet

workplace

open redirect

vulnerability

remote

authenticated

phishing

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

30.7%

JSON

Open redirect vulnerability in IBM FileNet Workplace 4.0.2 through 4.0.2.14 IF001 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected configurations

Nvd

Node

ibmfilenet_workplaceMatch4.0.2

VendorProductVersionCPE
ibmfilenet_workplace4.0.2cpe:2.3:a:ibm:filenet_workplace:4.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	filenet_workplace	4.0.2	cpe:2.3:a:ibm:filenet_workplace:4.0.2:::::::*

References

www-01.ibm.com/support/docview.wss?uid=swg21987126

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

30.7%

JSON

Related for CVE-2016-3047