CVE-2014-0845

Loading...

General

Score:4.9/10.0
Severity:Low
Category:Input Validation Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:Single

Published on 04/03/14 - Updated on 29/08/17

Description

Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

Category: Input Validation Error

CWE-20 (Input Validation)
The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.

Security Notices

US National Vulnerability DatabaseCVE-2014-0845

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
ibmrational_doors_next_generation
ibmrational_requirements_composer

Share this vulnerability with:

Twitter Facebook LinkedIn Mail