CVE-2014-0925 — IBM Sterling Control Center vulnerability

3 documents3 sources

Severity

3.5LOWNVD

EPSS

0.1%

top 65.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Sterling Control Center

Timeline

PublishedMay 30

Latest updateMay 17

Description

Open redirect vulnerability in IBM Sterling Control Center 5.4.0 before 5.4.0.1 iFix 3 and 5.4.1 before 5.4.1.0 iFix 2 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/sterling_control_center5.4.0, 5.4.0.1, 5.4.1.0+2

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-fjr6-258w-9jmm: Open redirect vulnerability in IBM Sterling Control Center 5↗2022-05-17

▶

CVEList

CVE-2014-0925: Open redirect vulnerability in IBM Sterling Control Center 5↗2014-05-30

▶