Lucene search
HistoryFeb 26, 2010 - 7:30 p.m.
CVE-2010-0715
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
High
EPSS
0.004
Percentile
74.2%
Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string.
Affected configurations
Node
ibmwebsphere_portalMatch5.1.0.0
ORibmwebsphere_portalMatch5.1.0.1
ORibmwebsphere_portalMatch5.1.0.2
ORibmwebsphere_portalMatch5.1.0.3
ORibmwebsphere_portalMatch5.1.0.4
ORibmwebsphere_portalMatch5.1.0.5
ORibmwebsphere_portalMatch6.0.0.0
ORibmwebsphere_portalMatch6.0.0.1
ORibmwebsphere_portalMatch6.0.0.2
ORibmwebsphere_portalMatch6.0.0.3
ORibmwebsphere_portalMatch6.0.0.4
ORibmwebsphere_portalMatch6.0.1.0
ORibmwebsphere_portalMatch6.0.1.1
ORibmwebsphere_portalMatch6.0.1.2
ORibmwebsphere_portalMatch6.0.1.3
ORibmwebsphere_portalMatch6.0.1.4
ORibmwebsphere_portalMatch6.0.1.5
ORibmwebsphere_portalMatch6.0.1.6
ORibmwebsphere_portalMatch6.0.1.7
ORibmwebsphere_portalMatch6.1.0.0
ORibmwebsphere_portalMatch6.1.0.1
ORibmwebsphere_portalMatch6.1.0.2
ORibmwebsphere_portalMatch6.1.0.3
ORibmwebsphere_portalMatch6.1.5.0
Node
ibmlotus_web_content_managementMatch5.1.0.0
ORibmlotus_web_content_managementMatch5.1.0.1
ORibmlotus_web_content_managementMatch5.1.0.2
ORibmlotus_web_content_managementMatch5.1.0.3
ORibmlotus_web_content_managementMatch5.1.0.4
ORibmlotus_web_content_managementMatch5.1.0.5
ORibmlotus_web_content_managementMatch6.0.0.0
ORibmlotus_web_content_managementMatch6.0.0.1
ORibmlotus_web_content_managementMatch6.0.0.2
ORibmlotus_web_content_managementMatch6.0.0.3
ORibmlotus_web_content_managementMatch6.0.0.4
ORibmlotus_web_content_managementMatch6.0.1.0
ORibmlotus_web_content_managementMatch6.0.1.1
ORibmlotus_web_content_managementMatch6.0.1.2
ORibmlotus_web_content_managementMatch6.0.1.3
ORibmlotus_web_content_managementMatch6.0.1.4
ORibmlotus_web_content_managementMatch6.0.1.5
ORibmlotus_web_content_managementMatch6.0.1.6
ORibmlotus_web_content_managementMatch6.0.1.7
ORibmlotus_web_content_managementMatch6.1.0.0
ORibmlotus_web_content_managementMatch6.1.0.1
ORibmlotus_web_content_managementMatch6.1.0.2
ORibmlotus_web_content_managementMatch6.1.0.3
ORibmlotus_web_content_managementMatch6.1.5.0
Node
ibmlotus_workplace_web_content_managementMatch5.1.0.0
ORibmlotus_workplace_web_content_managementMatch5.1.0.1
ORibmlotus_workplace_web_content_managementMatch5.1.0.2
ORibmlotus_workplace_web_content_managementMatch5.1.0.3
ORibmlotus_workplace_web_content_managementMatch5.1.0.4
ORibmlotus_workplace_web_content_managementMatch5.1.0.5
ORibmlotus_workplace_web_content_managementMatch6.0.0.0
ORibmlotus_workplace_web_content_managementMatch6.0.0.1
ORibmlotus_workplace_web_content_managementMatch6.0.0.2
ORibmlotus_workplace_web_content_managementMatch6.0.0.3
ORibmlotus_workplace_web_content_managementMatch6.0.0.4
ORibmlotus_workplace_web_content_managementMatch6.0.1.0
ORibmlotus_workplace_web_content_managementMatch6.0.1.1
ORibmlotus_workplace_web_content_managementMatch6.0.1.2
ORibmlotus_workplace_web_content_managementMatch6.0.1.3
ORibmlotus_workplace_web_content_managementMatch6.0.1.4
ORibmlotus_workplace_web_content_managementMatch6.0.1.5
ORibmlotus_workplace_web_content_managementMatch6.0.1.6
ORibmlotus_workplace_web_content_managementMatch6.0.1.7
ORibmlotus_workplace_web_content_managementMatch6.1.0.0
ORibmlotus_workplace_web_content_managementMatch6.1.0.1
ORibmlotus_workplace_web_content_managementMatch6.1.0.2
ORibmlotus_workplace_web_content_managementMatch6.1.0.3
ORibmlotus_workplace_web_content_managementMatch6.1.5.0
Node
ibmlotus_quickrMatch8.0
ORibmlotus_quickrMatch8.0.0.2
ORibmlotus_quickrMatch8.1
ORibmlotus_quickrMatch8.1.1
ORibmlotus_quickrMatch8.1.1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_portal | 5.1.0.0 | cpe:2.3:a:ibm:websphere_portal:5.1.0.0:*:*:*:*:*:*:* |
| ibm | websphere_portal | 5.1.0.1 | cpe:2.3:a:ibm:websphere_portal:5.1.0.1:*:*:*:*:*:*:* |
| ibm | websphere_portal | 5.1.0.2 | cpe:2.3:a:ibm:websphere_portal:5.1.0.2:*:*:*:*:*:*:* |
| ibm | websphere_portal | 5.1.0.3 | cpe:2.3:a:ibm:websphere_portal:5.1.0.3:*:*:*:*:*:*:* |
| ibm | websphere_portal | 5.1.0.4 | cpe:2.3:a:ibm:websphere_portal:5.1.0.4:*:*:*:*:*:*:* |
| ibm | websphere_portal | 5.1.0.5 | cpe:2.3:a:ibm:websphere_portal:5.1.0.5:*:*:*:*:*:*:* |
| ibm | websphere_portal | 6.0.0.0 | cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:* |
| ibm | websphere_portal | 6.0.0.1 | cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:* |
| ibm | websphere_portal | 6.0.0.2 | cpe:2.3:a:ibm:websphere_portal:6.0.0.2:*:*:*:*:*:*:* |
| ibm | websphere_portal | 6.0.0.3 | cpe:2.3:a:ibm:websphere_portal:6.0.0.3:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2010-0715
2010-02-26 19:00:00
cve
cve
CVE-2010-0715
2010-02-26 19:30:00
prion
prion
Open redirect
2010-02-26 19:30:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
High
EPSS
0.004
Percentile
74.2%
Related for NVD:CVE-2010-0715