CVE-2010-0715

Published Feb 26, 2010
Last updated a month ago
CVSS info 6.8
Overview

Description: Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string.
Source: cve@mitre.org
NVD status: Deferred
Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses

nvd@nist.gov: NVD-CWE-Other
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B4DF048-224A-43DB-A796-44EAF9CD8838"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA05BB8A-C367-4A09-87A4-C9D9C46AE52B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23785ACE-3F00-430E-B9ED-940A70A3201C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F885AD0-1134-483C-9A69-98AC0D60E79B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AF22D6E-7B21-4657-89ED-A7EF20BFF81F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13570CD6-7D5F-4665-A982-9E83FA25C68C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C753E1B-D81B-4995-877E-58EDD6F49DDB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D54D4DB-FA55-47AE-9E19-FB8368FD40C8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FEB7016-D077-402A-99C7-E6F6290F1D0C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C064D03F-D49C-4A2F-A23D-3ADC18EC277A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FDA430B-8996-43D4-BDBD-07A5C9EDB339"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "092F8012-A1EE-46CE-B2B2-0604BF4ACBBA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FC6A48A-E669-4AA0-AD83-85778A7B6C67"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F8C5AD9-2086-4131-A03C-02A89D822080"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82FC2F98-1E99-4B50-88D5-7A2904F4585C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B7F74AC-2B5E-4B6C-9551-576A4F312BBB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC51FA38-1C63-47F5-A4CF-1128396B62C9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBCCA8DE-50EF-4154-AF48-A8E1AA2659B3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF550E47-49FB-4EBC-83E7-4CFCB7279FEC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E618064A-3D05-4DC6-9A47-0EDF2427642F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DE74154-3E79-4D56-96C4-D8E644F1419D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA915826-5D89-43E9-83E7-88973648302A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5DB29F4-59AB-439C-91C4-CDF677676C26"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F1964FC-672F-4139-938F-A8EF9D86D9C2"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9516473F-0533-4326-B880-6B6FD591473D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "773AC6CD-7DDE-4676-8647-26C3B83354DC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A502A57D-97DE-424E-B005-B086C1149959"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8505A74-332E-4980-ABA2-BEE7E3D7B654"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F49CBF7A-9C04-4960-B7B8-6F5C51785C56"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F535D576-9AC7-4047-8AC3-9F1B5A961DB1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA0D9DBB-AA57-4816-8EC6-F7479B5481E2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87844DD4-AF06-4A91-973A-F885AD8CA569"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC572C9B-BEBE-4619-9B34-73FD8C20F4B7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66BC65C9-BF3E-41C0-ABD7-5587999FDA4D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD2F018F-3356-45B1-AF0B-8E17023A04E4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC532381-C1D3-4FE3-9E32-614B91482255"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8153B9AE-9969-4D49-8B07-9817E0C37194"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "709CE95C-FCC3-4A8B-9A47-8114BDFEAD7A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F55351DA-AEAC-40FC-B0B0-9CC1D456F651"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1E67047-A652-4828-BCE9-AB6C369B459F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B9A2F08-F9E6-4DC4-AFFD-77B6787FA81F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A727B34-8433-4571-AE1B-4F43320F57A0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC18431F-8C85-4C3A-85B9-ADA860F6C0D2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "108210EB-FFEF-4D69-A78D-85DA08913766"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D993AD7F-81FC-4C82-9303-699B44ECC92E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07EE7410-8A88-468A-B773-89D8A93859E6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF9A7C87-0DCE-4309-B344-AC106B6ECBD9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6141F9D-42F4-47D2-B340-356F174AA4AE"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E8D8302-74CD-436A-92BD-C08F1254A2C1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "673674BD-D171-47AF-8169-FBF6346993E0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "959CF397-FAC9-488D-96E5-9839EDA77494"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA0A5D8C-6C5C-4666-BDC0-8451D1C9FCB3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF4257D6-58F8-4209-BF67-9124D1BA0B6E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46AF30E4-3301-401B-94E5-D7FA9E62B82F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E986062-BBA8-4AA0-AD41-E101FEFD49EF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "250DFAAA-67A9-4E64-B1AE-0966EAC05468"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA75DD49-E267-4306-84D8-4C3A548841A0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53E20727-E021-442A-B7CB-AB1DFEA21374"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5434B4A9-1433-469B-8352-D0FDDD033E2B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EA803C8-EDAC-467E-B8CE-A60612AE86F1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "812047C9-6477-455E-8739-4407336102F7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10A39AB5-4BDB-4027-9F50-91BBFDAE8E0C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20E03B68-715F-428D-84FD-F800D02DDB3A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CE191CE-C2F4-45F7-8CF3-565832E01AB9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49CC6237-2E8C-415A-9C09-C8FD3F4C1E57"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22D7C604-2F9B-4AA0-BEE0-379D2C65321F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAA1888C-A7F9-4019-8798-524EE7EB8A7B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33D2422E-141A-414E-B283-E7BF570FFA80"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18C5D9B6-F013-46B7-AE06-609A0B11A8C5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30E0AA87-E48E-46C3-B8DD-3C3A90322AD0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CA17FC6-DAE6-4FAC-B3CD-1269689314CF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3CBEF3F-EB64-42D1-B23A-D3A20F900971"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "980401D7-AAF3-4AE4-9006-83D99170F5DB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3CA670F-E987-44ED-8A2A-62CCA5D037F1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D3C43CE-8917-4109-A185-93699004638F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "344E13DD-DAFC-4394-8371-B032D117D6AE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
