Vulnerability Details : CVE-2010-0715
Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string.
Vulnerability category: Open redirect
Exploit prediction scoring system (EPSS) score for CVE-2010-0715
Probability of exploitation activity in the next 30 days: 0.42%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 71 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-0715
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
References for CVE-2010-0715
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/56602
Multiple IBM products login.jsp phishing CVE-2010-0715 Vulnerability Report
-
http://www-01.ibm.com/support/docview.wss?uid=swg21421469
IBM notice: The page you requested cannot be displayedPatch;Vendor Advisory
-
http://www.securityfocus.com/archive/1/509744/100/0/threaded
SecurityFocus
-
http://www.hacktics.com/content/advisories/AdvIBM20100224.html
The page you were looking for doesn't exist (404)Exploit
Products affected by CVE-2010-0715
- cpe:2.3:a:ibm:websphere_portal:5.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:5.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:5.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:5.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:5.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:5.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_quickr:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_quickr:8.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_quickr:8.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_quickr:8.1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:6.1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.5:*:*:*:*:*:*:*