CVE-2010-0715

Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
ibmwebsphere_portal
5.1.0.0
ibmwebsphere_portal
5.1.0.1
ibmwebsphere_portal
5.1.0.2
ibmwebsphere_portal
5.1.0.3
ibmwebsphere_portal
5.1.0.4
ibmwebsphere_portal
5.1.0.5
ibmwebsphere_portal
6.0.0.0
ibmwebsphere_portal
6.0.0.1
ibmwebsphere_portal
6.0.0.2
ibmwebsphere_portal
6.0.0.3
ibmwebsphere_portal
6.0.0.4
ibmwebsphere_portal
6.0.1.0
ibmwebsphere_portal
6.0.1.1
ibmwebsphere_portal
6.0.1.2
ibmwebsphere_portal
6.0.1.3
ibmwebsphere_portal
6.0.1.4
ibmwebsphere_portal
6.0.1.5
ibmwebsphere_portal
6.0.1.6
ibmwebsphere_portal
6.0.1.7
ibmwebsphere_portal
6.1.0.0
ibmwebsphere_portal
6.1.0.1
ibmwebsphere_portal
6.1.0.2
ibmwebsphere_portal
6.1.0.3
ibmwebsphere_portal
6.1.5.0
ibmlotus_web_content_management
5.1.0.0
ibmlotus_web_content_management
5.1.0.1
ibmlotus_web_content_management
5.1.0.2
ibmlotus_web_content_management
5.1.0.3
ibmlotus_web_content_management
5.1.0.4
ibmlotus_web_content_management
5.1.0.5
ibmlotus_web_content_management
6.0.0.0
ibmlotus_web_content_management
6.0.0.1
ibmlotus_web_content_management
6.0.0.2
ibmlotus_web_content_management
6.0.0.3
ibmlotus_web_content_management
6.0.0.4
ibmlotus_web_content_management
6.0.1.0
ibmlotus_web_content_management
6.0.1.1
ibmlotus_web_content_management
6.0.1.2
ibmlotus_web_content_management
6.0.1.3
ibmlotus_web_content_management
6.0.1.4
ibmlotus_web_content_management
6.0.1.5
ibmlotus_web_content_management
6.0.1.6
ibmlotus_web_content_management
6.0.1.7
ibmlotus_web_content_management
6.1.0.0
ibmlotus_web_content_management
6.1.0.1
ibmlotus_web_content_management
6.1.0.2
ibmlotus_web_content_management
6.1.0.3
ibmlotus_web_content_management
6.1.5.0
ibmlotus_workplace_web_content_management
5.1.0.0
ibmlotus_workplace_web_content_management
5.1.0.1
ibmlotus_workplace_web_content_management
5.1.0.2
ibmlotus_workplace_web_content_management
5.1.0.3
ibmlotus_workplace_web_content_management
5.1.0.4
ibmlotus_workplace_web_content_management
5.1.0.5
ibmlotus_workplace_web_content_management
6.0.0.0
ibmlotus_workplace_web_content_management
6.0.0.1
ibmlotus_workplace_web_content_management
6.0.0.2
ibmlotus_workplace_web_content_management
6.0.0.3
ibmlotus_workplace_web_content_management
6.0.0.4
ibmlotus_workplace_web_content_management
6.0.1.0
ibmlotus_workplace_web_content_management
6.0.1.1
ibmlotus_workplace_web_content_management
6.0.1.2
ibmlotus_workplace_web_content_management
6.0.1.3
ibmlotus_workplace_web_content_management
6.0.1.4
ibmlotus_workplace_web_content_management
6.0.1.5
ibmlotus_workplace_web_content_management
6.0.1.6
ibmlotus_workplace_web_content_management
6.0.1.7
ibmlotus_workplace_web_content_management
6.1.0.0
ibmlotus_workplace_web_content_management
6.1.0.1
ibmlotus_workplace_web_content_management
6.1.0.2
ibmlotus_workplace_web_content_management
6.1.0.3
ibmlotus_workplace_web_content_management
6.1.5.0
ibmlotus_quickr
8.0
ibmlotus_quickr
8.0.0.2
ibmlotus_quickr
8.1
ibmlotus_quickr
8.1.1
ibmlotus_quickr
8.1.1.1
𝑥
= Vulnerable software versions
References
http://www-01.ibm.com/support/docview.wss?uid=swg21421469
http://www.hacktics.com/content/advisories/AdvIBM20100224.html
http://www.securityfocus.com/archive/1/509744/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/56602
http://www-01.ibm.com/support/docview.wss?uid=swg21421469
http://www.hacktics.com/content/advisories/AdvIBM20100224.html
http://www.securityfocus.com/archive/1/509744/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/56602