CVE-2013-3036
Published Sep 12, 2013
Last updated 7 years ago
Overview
- Description
- Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.9
- Impact score
- 4.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9442F575-4411-4900-90E8-3AA00F9B2329",
"versionEndIncluding": "4.0.3"
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF6342F6-709A-4043-A879-57E9C7232C48"
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEAAF6E2-74BE-4FB2-AE49-3C58F68BCEFB"
},
{
"criteria": "cpe:2.3:a:ibm:rational_requirements_composer:4.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44EF2B1F-1CD0-4B6E-8C86-622B0E000F8E"
}
],
"operator": "OR"
}
]
}
]