CVE-2013-4061

IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks involving an HTTP redirect via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:P/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
VendorProductVersion
ibmrational_policy_tester
8.5.0.0
ibmrational_policy_tester
8.5.0.1
ibmrational_policy_tester
8.5.0.2
ibmrational_policy_tester
8.5.0.3
ibmrational_policy_tester
8.5.0.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21648481
https://exchange.xforce.ibmcloud.com/vulnerabilities/86585
http://www-01.ibm.com/support/docview.wss?uid=swg21648481
https://exchange.xforce.ibmcloud.com/vulnerabilities/86585