PT-2014-5087 · Ibm · Ibm Tivoli Federated Identity Manager

Published

2014-10-02

Updated

2017-08-29

CVE-2014-3097

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM Tivoli Federated Identity Manager (TFIM) versions 6.2.0 through 6.2.0-TIV-TFIM-IF0015 IBM Tivoli Federated Identity Manager (TFIM) versions 6.2.1 through 6.2.1-TIV-TFIM-IF0007 IBM Tivoli Federated Identity Manager (TFIM) versions 6.2.2 through 6.2.2-TIV-TFIM-IF0011

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks.

Recommendations For versions 6.2.0 through 6.2.0-TIV-TFIM-IF0015, update to 6.2.0-TIV-TFIM-IF0015 or later. For versions 6.2.1 through 6.2.1-TIV-TFIM-IF0007, update to 6.2.1-TIV-TFIM-IF0007 or later. For versions 6.2.2 through 6.2.2-TIV-TFIM-IF0011, update to 6.2.2-TIV-TFIM-IF0011 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2014-3097

Affected Products

Ibm Tivoli Federated Identity Manager

PT-2014-5087 · Ibm · Ibm Tivoli Federated Identity Manager

CVE-2014-3097

Related Identifiers

Affected Products

References · 14