Vulnerability Details : CVE-2015-1921
Open redirect vulnerability in IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF17 and 8.5.0 before CF06 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
Vulnerability category: Open redirect
Products affected by CVE-2015-1921
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.5.0.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-1921
0.34%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 53 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-1921
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST |
References for CVE-2015-1921
-
http://www.securityfocus.com/bid/74705
IBM WebSphere Portal CVE-2015-1921 Unspecified Open Redirection VulnerabilityThird Party Advisory;VDB Entry
-
http://www-01.ibm.com/support/docview.wss?uid=swg1PI38632
IBM notice: The page you requested cannot be displayed
-
http://www-01.ibm.com/support/docview.wss?uid=swg21884060
IBM Security Bulletin: Fix available for Open Redirect Vulnerability in IBM WebSphere Portal (CVE-2015-1921)Vendor Advisory
Jump to