CVE-2013-4061

IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks involving an HTTP redirect via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmrational_policy_tester
8.5.0.0
ibmrational_policy_tester
8.5.0.1
ibmrational_policy_tester
8.5.0.2
ibmrational_policy_tester
8.5.0.3
ibmrational_policy_tester
8.5.0.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21648481
https://exchange.xforce.ibmcloud.com/vulnerabilities/86585
http://www-01.ibm.com/support/docview.wss?uid=swg21648481
https://exchange.xforce.ibmcloud.com/vulnerabilities/86585