IBM Emptoris Supplier Lifecycle Management 10.0.x and 10.1.x could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 118836.
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Emptoris_strategic_supply_management | Ibm | 10.0.0.0 (including) | 10.0.0.0 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.0.1 (including) | 10.0.0.1 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.0.2 (including) | 10.0.0.2 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.0.3 (including) | 10.0.0.3 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.1.0 (including) | 10.0.1.0 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.1.1 (including) | 10.0.1.1 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.1.2 (including) | 10.0.1.2 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.1.3 (including) | 10.0.1.3 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.1.4 (including) | 10.0.1.4 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.0 (including) | 10.0.2.0 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.1 (including) | 10.0.2.1 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.2 (including) | 10.0.2.2 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.3 (including) | 10.0.2.3 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.4 (including) | 10.0.2.4 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.5 (including) | 10.0.2.5 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.6 (including) | 10.0.2.6 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.7 (including) | 10.0.2.7 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.8 (including) | 10.0.2.8 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.9 (including) | 10.0.2.9 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.10 (including) | 10.0.2.10 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.11 (including) | 10.0.2.11 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.12 (including) | 10.0.2.12 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.13 (including) | 10.0.2.13 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.14 (including) | 10.0.2.14 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.15 (including) | 10.0.2.15 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.16 (including) | 10.0.2.16 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.2.17 (including) | 10.0.2.17 (including) |
Emptoris_strategic_supply_management | Ibm | 10.0.4.0 (including) | 10.0.4.0 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.0 (including) | 10.1.0.0 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.1 (including) | 10.1.0.1 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.2 (including) | 10.1.0.2 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.3 (including) | 10.1.0.3 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.4 (including) | 10.1.0.4 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.5 (including) | 10.1.0.5 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.6 (including) | 10.1.0.6 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.7 (including) | 10.1.0.7 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.8 (including) | 10.1.0.8 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.9 (including) | 10.1.0.9 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.10 (including) | 10.1.0.10 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.0.11 (including) | 10.1.0.11 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.0 (including) | 10.1.1.0 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.1 (including) | 10.1.1.1 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.2 (including) | 10.1.1.2 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.3 (including) | 10.1.1.3 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.4 (including) | 10.1.1.4 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.5 (including) | 10.1.1.5 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.6 (including) | 10.1.1.6 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.7 (including) | 10.1.1.7 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.8 (including) | 10.1.1.8 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.9 (including) | 10.1.1.9 (including) |
Emptoris_strategic_supply_management | Ibm | 10.1.1.10 (including) | 10.1.1.10 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.0.0 (including) | 10.0.0.0 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.0.1 (including) | 10.0.0.1 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.0.2 (including) | 10.0.0.2 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.0.3 (including) | 10.0.0.3 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.1.0 (including) | 10.0.1.0 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.1.1 (including) | 10.0.1.1 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.1.2 (including) | 10.0.1.2 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.2.0 (including) | 10.0.2.0 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.2.2 (including) | 10.0.2.2 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.2.3 (including) | 10.0.2.3 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.2.5 (including) | 10.0.2.5 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.2.6 (including) | 10.0.2.6 (including) |
Emptoris_supplier_lifecycle_management | Ibm | 10.0.2.7 (including) | 10.0.2.7 (including) |