Lucene search

IbmCVE-2016-5878

HistoryAug 08, 2016 - 1:59 a.m.

CVE-2016-5878

2016-08-0801:59:18

CWE-601

ibm

web.nvd.nist.gov

ibm filenet

workplace

vulnerability

open redirect

phishing

cve-2016-5878

nvd

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

30.7%

JSON

Open redirect vulnerability in IBM FileNet Workplace 4.0.2 before 4.0.2.14 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected configurations

Nvd

Node

ibmfilenet_workplaceMatch4.0.2.0

ibmfilenet_workplaceMatch4.0.2.1

ibmfilenet_workplaceMatch4.0.2.2

ibmfilenet_workplaceMatch4.0.2.3

ibmfilenet_workplaceMatch4.0.2.4

ibmfilenet_workplaceMatch4.0.2.5

ibmfilenet_workplaceMatch4.0.2.6

ibmfilenet_workplaceMatch4.0.2.7

ibmfilenet_workplaceMatch4.0.2.8

ibmfilenet_workplaceMatch4.0.2.9

ibmfilenet_workplaceMatch4.0.2.10

ibmfilenet_workplaceMatch4.0.2.11

ibmfilenet_workplaceMatch4.0.2.12

ibmfilenet_workplaceMatch4.0.2.13

VendorProductVersionCPE
ibmfilenet_workplace4.0.2.0cpe:2.3:a:ibm:filenet_workplace:4.0.2.0:*:*:*:*:*:*:*
ibmfilenet_workplace4.0.2.1cpe:2.3:a:ibm:filenet_workplace:4.0.2.1:*:*:*:*:*:*:*
ibmfilenet_workplace4.0.2.2cpe:2.3:a:ibm:filenet_workplace:4.0.2.2:*:*:*:*:*:*:*
ibmfilenet_workplace4.0.2.3cpe:2.3:a:ibm:filenet_workplace:4.0.2.3:*:*:*:*:*:*:*
ibmfilenet_workplace4.0.2.4cpe:2.3:a:ibm:filenet_workplace:4.0.2.4:*:*:*:*:*:*:*
ibmfilenet_workplace4.0.2.5cpe:2.3:a:ibm:filenet_workplace:4.0.2.5:*:*:*:*:*:*:*
ibmfilenet_workplace4.0.2.6cpe:2.3:a:ibm:filenet_workplace:4.0.2.6:*:*:*:*:*:*:*
ibmfilenet_workplace4.0.2.7cpe:2.3:a:ibm:filenet_workplace:4.0.2.7:*:*:*:*:*:*:*
ibmfilenet_workplace4.0.2.8cpe:2.3:a:ibm:filenet_workplace:4.0.2.8:*:*:*:*:*:*:*
ibmfilenet_workplace4.0.2.9cpe:2.3:a:ibm:filenet_workplace:4.0.2.9:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	filenet_workplace	4.0.2.0	cpe:2.3:a:ibm:filenet_workplace:4.0.2.0:::::::*
ibm	filenet_workplace	4.0.2.1	cpe:2.3:a:ibm:filenet_workplace:4.0.2.1:::::::*
ibm	filenet_workplace	4.0.2.2	cpe:2.3:a:ibm:filenet_workplace:4.0.2.2:::::::*
ibm	filenet_workplace	4.0.2.3	cpe:2.3:a:ibm:filenet_workplace:4.0.2.3:::::::*
ibm	filenet_workplace	4.0.2.4	cpe:2.3:a:ibm:filenet_workplace:4.0.2.4:::::::*
ibm	filenet_workplace	4.0.2.5	cpe:2.3:a:ibm:filenet_workplace:4.0.2.5:::::::*
ibm	filenet_workplace	4.0.2.6	cpe:2.3:a:ibm:filenet_workplace:4.0.2.6:::::::*
ibm	filenet_workplace	4.0.2.7	cpe:2.3:a:ibm:filenet_workplace:4.0.2.7:::::::*
ibm	filenet_workplace	4.0.2.8	cpe:2.3:a:ibm:filenet_workplace:4.0.2.8:::::::*
ibm	filenet_workplace	4.0.2.9	cpe:2.3:a:ibm:filenet_workplace:4.0.2.9:::::::*

Rows per page:

1-10 of 141

References

www-01.ibm.com/support/docview.wss?uid=swg21987721

www.securityfocus.com/bid/92279

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

30.7%

JSON

Related for CVE-2016-5878