CVE-2013-5431

CWE-20Improper Input Validation3 documents3 sources
Severity
5.8MEDIUM
EPSS
1.3%
top 20.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Tivoli Federated Identity ManagerIBM Tivoli Federated Identity Manager Business Gateway
Timeline
PublishedNov 1
Latest updateMay 17

Description

Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-r8hc-r4p8-6ffh: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 62022-05-17
CVEList
CVE-2013-5431: Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 62013-11-01