Open redirect in IBM WebSphere Portal
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-1156 |
| CWE-ID | CWE-601 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
WebSphere Portal Server applications / Application servers |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Open redirect
EUVDB-ID: #VU6422
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2017-1156
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform phishing attacks.
The weakness exists due to improper validation of user-supplied data used to redirect visitors to external pages. A remote attacker can create a specially crafted link, trick the victim into following it, spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted and obtain potentially sensitive information.
Successful exploitation of the vulnerability will allow to steal valid user's credentials and use the information to conduct further attacks.
Mitigation
Install update from vendor's website.
WebSphere Portal: 8.5.0.0 - 9.0.0.0
CPE2.3- cpe:2.3:a:ibm_corporation:websphere_portal:8.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:websphere_portal:9.0.0.0:*:*:*:*:*:*:*
https://www-01.ibm.com/support/docview.wss?uid=swg22000153
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
