CVE-2016-6020

IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
References
Link Resource
http://www.ibm.com/support/docview.wss?uid=swg21995794 Patch Vendor Advisory
http://www.securityfocus.com/bid/95098 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.5:*:*:*:*:*:*:*

Information

Published : 2017-02-01 12:59

Updated : 2017-02-09 09:03


NVD link : CVE-2016-6020

Mitre link : CVE-2016-6020


JSON object : View

CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

Advertisement

dedicated server usa

Products Affected

ibm

  • sterling_b2b_integrator