PT-2019-16853 · Ibm · Ibm Content Navigator

Published

2019-03-22

Updated

2022-01-01

CVE-2019-4035

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions IBM Content Navigator version 3.0CD

Description The issue allows attackers to redirect web traffic to a malicious site. By creating a fake IBM Content Navigator site, attackers can trick users into sending requests to their Edit client, which then downloads documents from the fake site.

Recommendations For IBM Content Navigator version 3.0CD, consider restricting access to the Edit client to minimize the risk of exploitation until a fix is available.

Fix

Open Redirect

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601

Related Identifiers

CVE-2019-4035

Affected Products

Ibm Content Navigator

PT-2019-16853 · Ibm · Ibm Content Navigator

CVE-2019-4035

Weakness Enumeration

Related Identifiers

Affected Products

References · 5