CVE-2015-1921 — IBM Websphere Portal vulnerability

16 documents4 sources

Severity

6.4MEDIUMNVD

EPSS

0.2%

top 54.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere Portal

Timeline

PublishedMay 25

Latest updateMay 17

Description

Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

▶NVDibm/websphere_portal8.0.0.0, 8.0.0.1, 8.5.0.0+2

🔴Vulnerability Details

GHSA

GHSA-59xh-m3gr-h73q: Open redirect vulnerability in IBM WebSphere Portal 8↗2022-05-17

▶

CVEList

CVE-2015-1921: Open redirect vulnerability in IBM WebSphere Portal 8↗2015-05-25

▶

💬Community

Bugzilla

CVE-2015-4882 OpenJDK: incorrect String object deserialization in IIOPInputStream (CORBA, 8076387)↗2015-10-20

▶

Bugzilla

CVE-2015-4803 OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)↗2015-10-20

▶