CVE-2014-0845

EUVD-2014-0875
Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.9 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
ibmrational_requirements_composer
3.0.1
ibmrational_requirements_composer
3.0.1.1
ibmrational_requirements_composer
3.0.1.2
ibmrational_requirements_composer
3.0.1.3
ibmrational_requirements_composer
3.0.1.4
ibmrational_requirements_composer
3.0.1.5
ibmrational_requirements_composer
3.0.1.6
ibmrational_requirements_composer
4.0.0
ibmrational_requirements_composer
4.0.0.1
ibmrational_requirements_composer
4.0.0.2
ibmrational_requirements_composer
4.0.1
ibmrational_requirements_composer
4.0.2
ibmrational_requirements_composer
4.0.3
ibmrational_requirements_composer
4.0.4
ibmrational_requirements_composer
4.0.5
ibmrational_doors_next_generation
4.0.0
ibmrational_doors_next_generation
4.0.1
ibmrational_doors_next_generation
4.0.2
ibmrational_doors_next_generation
4.0.3
ibmrational_doors_next_generation
4.0.4
ibmrational_doors_next_generation
4.0.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21664412
http://www.securityfocus.com/bid/65916
https://exchange.xforce.ibmcloud.com/vulnerabilities/90719
http://www-01.ibm.com/support/docview.wss?uid=swg21664412
http://www.securityfocus.com/bid/65916
https://exchange.xforce.ibmcloud.com/vulnerabilities/90719