FKIE_CVE-2010-0715

Vulnerability from fkie_nvd - Published: 2010-02-26 19:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string.
References
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=swg21421469Patch, Vendor Advisory
cve@mitre.orghttp://www.hacktics.com/content/advisories/AdvIBM20100224.htmlExploit
cve@mitre.orghttp://www.securityfocus.com/archive/1/509744/100/0/threaded
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/56602
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21421469Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.hacktics.com/content/advisories/AdvIBM20100224.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/509744/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/56602
Impacted products
Vendor Product Version
ibm websphere_portal 5.1.0.0
ibm websphere_portal 5.1.0.1
ibm websphere_portal 5.1.0.2
ibm websphere_portal 5.1.0.3
ibm websphere_portal 5.1.0.4
ibm websphere_portal 5.1.0.5
ibm websphere_portal 6.0.0.0
ibm websphere_portal 6.0.0.1
ibm websphere_portal 6.0.0.2
ibm websphere_portal 6.0.0.3
ibm websphere_portal 6.0.0.4
ibm websphere_portal 6.0.1.0
ibm websphere_portal 6.0.1.1
ibm websphere_portal 6.0.1.2
ibm websphere_portal 6.0.1.3
ibm websphere_portal 6.0.1.4
ibm websphere_portal 6.0.1.5
ibm websphere_portal 6.0.1.6
ibm websphere_portal 6.0.1.7
ibm websphere_portal 6.1.0.0
ibm websphere_portal 6.1.0.1
ibm websphere_portal 6.1.0.2
ibm websphere_portal 6.1.0.3
ibm websphere_portal 6.1.5.0
ibm lotus_web_content_management 5.1.0.0
ibm lotus_web_content_management 5.1.0.1
ibm lotus_web_content_management 5.1.0.2
ibm lotus_web_content_management 5.1.0.3
ibm lotus_web_content_management 5.1.0.4
ibm lotus_web_content_management 5.1.0.5
ibm lotus_web_content_management 6.0.0.0
ibm lotus_web_content_management 6.0.0.1
ibm lotus_web_content_management 6.0.0.2
ibm lotus_web_content_management 6.0.0.3
ibm lotus_web_content_management 6.0.0.4
ibm lotus_web_content_management 6.0.1.0
ibm lotus_web_content_management 6.0.1.1
ibm lotus_web_content_management 6.0.1.2
ibm lotus_web_content_management 6.0.1.3
ibm lotus_web_content_management 6.0.1.4
ibm lotus_web_content_management 6.0.1.5
ibm lotus_web_content_management 6.0.1.6
ibm lotus_web_content_management 6.0.1.7
ibm lotus_web_content_management 6.1.0.0
ibm lotus_web_content_management 6.1.0.1
ibm lotus_web_content_management 6.1.0.2
ibm lotus_web_content_management 6.1.0.3
ibm lotus_web_content_management 6.1.5.0
ibm lotus_workplace_web_content_management 5.1.0.0
ibm lotus_workplace_web_content_management 5.1.0.1
ibm lotus_workplace_web_content_management 5.1.0.2
ibm lotus_workplace_web_content_management 5.1.0.3
ibm lotus_workplace_web_content_management 5.1.0.4
ibm lotus_workplace_web_content_management 5.1.0.5
ibm lotus_workplace_web_content_management 6.0.0.0
ibm lotus_workplace_web_content_management 6.0.0.1
ibm lotus_workplace_web_content_management 6.0.0.2
ibm lotus_workplace_web_content_management 6.0.0.3
ibm lotus_workplace_web_content_management 6.0.0.4
ibm lotus_workplace_web_content_management 6.0.1.0
ibm lotus_workplace_web_content_management 6.0.1.1
ibm lotus_workplace_web_content_management 6.0.1.2
ibm lotus_workplace_web_content_management 6.0.1.3
ibm lotus_workplace_web_content_management 6.0.1.4
ibm lotus_workplace_web_content_management 6.0.1.5
ibm lotus_workplace_web_content_management 6.0.1.6
ibm lotus_workplace_web_content_management 6.0.1.7
ibm lotus_workplace_web_content_management 6.1.0.0
ibm lotus_workplace_web_content_management 6.1.0.1
ibm lotus_workplace_web_content_management 6.1.0.2
ibm lotus_workplace_web_content_management 6.1.0.3
ibm lotus_workplace_web_content_management 6.1.5.0
ibm lotus_quickr 8.0
ibm lotus_quickr 8.0.0.2
ibm lotus_quickr 8.1
ibm lotus_quickr 8.1.1
ibm lotus_quickr 8.1.1.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B4DF048-224A-43DB-A796-44EAF9CD8838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA05BB8A-C367-4A09-87A4-C9D9C46AE52B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "23785ACE-3F00-430E-B9ED-940A70A3201C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F885AD0-1134-483C-9A69-98AC0D60E79B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AF22D6E-7B21-4657-89ED-A7EF20BFF81F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "13570CD6-7D5F-4665-A982-9E83FA25C68C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C753E1B-D81B-4995-877E-58EDD6F49DDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D54D4DB-FA55-47AE-9E19-FB8368FD40C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEB7016-D077-402A-99C7-E6F6290F1D0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C064D03F-D49C-4A2F-A23D-3ADC18EC277A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FDA430B-8996-43D4-BDBD-07A5C9EDB339",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "092F8012-A1EE-46CE-B2B2-0604BF4ACBBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FC6A48A-E669-4AA0-AD83-85778A7B6C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F8C5AD9-2086-4131-A03C-02A89D822080",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "82FC2F98-1E99-4B50-88D5-7A2904F4585C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B7F74AC-2B5E-4B6C-9551-576A4F312BBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC51FA38-1C63-47F5-A4CF-1128396B62C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCA8DE-50EF-4154-AF48-A8E1AA2659B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF550E47-49FB-4EBC-83E7-4CFCB7279FEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E618064A-3D05-4DC6-9A47-0EDF2427642F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DE74154-3E79-4D56-96C4-D8E644F1419D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA915826-5D89-43E9-83E7-88973648302A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5DB29F4-59AB-439C-91C4-CDF677676C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1964FC-672F-4139-938F-A8EF9D86D9C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9516473F-0533-4326-B880-6B6FD591473D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "773AC6CD-7DDE-4676-8647-26C3B83354DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A502A57D-97DE-424E-B005-B086C1149959",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8505A74-332E-4980-ABA2-BEE7E3D7B654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F49CBF7A-9C04-4960-B7B8-6F5C51785C56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F535D576-9AC7-4047-8AC3-9F1B5A961DB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0D9DBB-AA57-4816-8EC6-F7479B5481E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87844DD4-AF06-4A91-973A-F885AD8CA569",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC572C9B-BEBE-4619-9B34-73FD8C20F4B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "66BC65C9-BF3E-41C0-ABD7-5587999FDA4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2F018F-3356-45B1-AF0B-8E17023A04E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC532381-C1D3-4FE3-9E32-614B91482255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8153B9AE-9969-4D49-8B07-9817E0C37194",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "709CE95C-FCC3-4A8B-9A47-8114BDFEAD7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F55351DA-AEAC-40FC-B0B0-9CC1D456F651",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1E67047-A652-4828-BCE9-AB6C369B459F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B9A2F08-F9E6-4DC4-AFFD-77B6787FA81F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A727B34-8433-4571-AE1B-4F43320F57A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC18431F-8C85-4C3A-85B9-ADA860F6C0D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "108210EB-FFEF-4D69-A78D-85DA08913766",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D993AD7F-81FC-4C82-9303-699B44ECC92E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "07EE7410-8A88-468A-B773-89D8A93859E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9A7C87-0DCE-4309-B344-AC106B6ECBD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6141F9D-42F4-47D2-B340-356F174AA4AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E8D8302-74CD-436A-92BD-C08F1254A2C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "673674BD-D171-47AF-8169-FBF6346993E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "959CF397-FAC9-488D-96E5-9839EDA77494",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA0A5D8C-6C5C-4666-BDC0-8451D1C9FCB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF4257D6-58F8-4209-BF67-9124D1BA0B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46AF30E4-3301-401B-94E5-D7FA9E62B82F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E986062-BBA8-4AA0-AD41-E101FEFD49EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "250DFAAA-67A9-4E64-B1AE-0966EAC05468",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA75DD49-E267-4306-84D8-4C3A548841A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "53E20727-E021-442A-B7CB-AB1DFEA21374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5434B4A9-1433-469B-8352-D0FDDD033E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EA803C8-EDAC-467E-B8CE-A60612AE86F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "812047C9-6477-455E-8739-4407336102F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "10A39AB5-4BDB-4027-9F50-91BBFDAE8E0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E03B68-715F-428D-84FD-F800D02DDB3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CE191CE-C2F4-45F7-8CF3-565832E01AB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "49CC6237-2E8C-415A-9C09-C8FD3F4C1E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "22D7C604-2F9B-4AA0-BEE0-379D2C65321F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAA1888C-A7F9-4019-8798-524EE7EB8A7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33D2422E-141A-414E-B283-E7BF570FFA80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "18C5D9B6-F013-46B7-AE06-609A0B11A8C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E0AA87-E48E-46C3-B8DD-3C3A90322AD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CA17FC6-DAE6-4FAC-B3CD-1269689314CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3CBEF3F-EB64-42D1-B23A-D3A20F900971",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "980401D7-AAF3-4AE4-9006-83D99170F5DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3CA670F-E987-44ED-8A2A-62CCA5D037F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D3C43CE-8917-4109-A185-93699004638F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "344E13DD-DAFC-4394-8371-B032D117D6AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de redireccionamiento directo en login.jsp en IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), y IBM Lotus Workplace Web Content Management v5.1.0.0 hasta v5.1.0.5, v6.0.0.0 hasta v6.0.0.4, v6.0.1.0 hasta v6.0.1.7, v6.1.0.0 hasta v6.1.0.3, y v6.1.5.0; y IBM Lotus Quickr services v8.0, v8.0.0.2, v8.1, v8.1.1, y v8.1.1.1 para WebSphere Portal; permite a atacantes remotos redireccionar a los usuarios a sitios de su elecci\u00f3n y conducir ataques phising a trav\u00e9s de la cadena de la pregunta."
    }
  ],
  "id": "CVE-2010-0715",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-02-26T19:30:00.773",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56602"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56602"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.