CVE-2014-0845

CWE-20Improper Input Validation3 documents3 sources
Severity
4.9MEDIUM
EPSS
0.2%
top 63.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Rational Doors Next GenerationIBM Rational Requirements Composer
Timeline
PublishedMar 4
Latest updateMay 17

Description

Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 6.8 | Impact: 4.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-3mgv-rw6h-g4mm: Open redirect vulnerability in IBM Rational Requirements Composer 32022-05-17
CVEList
CVE-2014-0845: Open redirect vulnerability in IBM Rational Requirements Composer 32014-03-04
CVE-2014-0845 (MEDIUM CVSS 4.9) | Open redirect vulnerability in IBM | cvebase.io