PT-2018-4610 · Ibm · Ibm Emptoris Sourcing
Publicado
2018-02-02
·
Atualizado
2018-02-16
·
CVE-2016-0329
CVSS v3.1
5.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Emptoris Sourcing versions 10.0.0.x through 10.0.0.1 iFix2
IBM Emptoris Sourcing versions 10.0.1.x through 10.0.1.3 iFix2
IBM Emptoris Sourcing versions 10.0.2.x through 10.0.2.8
IBM Emptoris Sourcing versions 10.0.4.0 through 10.0.4.0 iFix7
IBM Emptoris Sourcing versions 10.1.0.0 through 10.1.0.0 iFix2
Description
The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks.
Recommendations
For IBM Emptoris Sourcing versions 10.0.0.x, update to 10.0.0.1 iFix3 or later.
For IBM Emptoris Sourcing versions 10.0.1.x, update to 10.0.1.3 iFix3 or later.
For IBM Emptoris Sourcing versions 10.0.2.x, update to 10.0.2.8 iFix1 or later.
For IBM Emptoris Sourcing versions 10.0.4.0, update to 10.0.4.0 iFix8 or later.
For IBM Emptoris Sourcing versions 10.1.0.0, update to 10.1.0.0 iFix3 or later.
Correção
Open Redirect
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Emptoris Sourcing