CVE-2015-7428 — IBM Websphere Portal vulnerability

3 documents3 sources

Severity

7.4HIGHNVD

EPSS

0.2%

top 57.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere Portal

Timeline

PublishedFeb 29

Latest updateMay 17

Description

Open redirect vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF09 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:NExploitability: 2.8 | Impact: 4.0

Affected Packages1 packages

▶NVDibm/websphere_portal8.0.0.0, 8.0.0.1, 8.5.0.0+2

🔴Vulnerability Details

GHSA

GHSA-7jgc-628q-9526: Open redirect vulnerability in IBM WebSphere Portal 8↗2022-05-17

▶

CVEList

CVE-2015-7428: Open redirect vulnerability in IBM WebSphere Portal 8↗2016-02-29

▶