5.8
CVE-2008-4284
- EPSS 0.37%
- Veröffentlicht 10.02.2009 22:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Open redirect vulnerability in the ibm_security_logout servlet in IBM WebSphere Application Server (WAS) 5.1.1.19 and earlier 5.x versions, 6.0.x before 6.0.2.33, and 6.1.x before 6.1.0.23 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the logoutExitPage feature.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Websphere Application Server Version5.0
Ibm ≫ Websphere Application Server Version5.0 Editionz_os
Ibm ≫ Websphere Application Server Version5.0.0
Ibm ≫ Websphere Application Server Version5.0.1
Ibm ≫ Websphere Application Server Version5.0.2
Ibm ≫ Websphere Application Server Version5.0.2.1
Ibm ≫ Websphere Application Server Version5.0.2.2
Ibm ≫ Websphere Application Server Version5.0.2.3
Ibm ≫ Websphere Application Server Version5.0.2.4
Ibm ≫ Websphere Application Server Version5.0.2.5
Ibm ≫ Websphere Application Server Version5.0.2.6
Ibm ≫ Websphere Application Server Version5.0.2.7
Ibm ≫ Websphere Application Server Version5.0.2.8
Ibm ≫ Websphere Application Server Version5.0.2.9
Ibm ≫ Websphere Application Server Version5.0.2.10
Ibm ≫ Websphere Application Server Version5.0.2.11
Ibm ≫ Websphere Application Server Version5.0.2.12
Ibm ≫ Websphere Application Server Version5.0.2.13
Ibm ≫ Websphere Application Server Version5.0.2.14
Ibm ≫ Websphere Application Server Version5.0.2.15
Ibm ≫ Websphere Application Server Version5.0.2.16
Ibm ≫ Websphere Application Server Version5.1.0
Ibm ≫ Websphere Application Server Version5.1.0.2
Ibm ≫ Websphere Application Server Version5.1.0.3
Ibm ≫ Websphere Application Server Version5.1.0.4
Ibm ≫ Websphere Application Server Version5.1.0.5
Ibm ≫ Websphere Application Server Version5.1.1
Ibm ≫ Websphere Application Server Version5.1.1.1
Ibm ≫ Websphere Application Server Version5.1.1.10
Ibm ≫ Websphere Application Server Version5.1.1.11
Ibm ≫ Websphere Application Server Version5.1.1.12
Ibm ≫ Websphere Application Server Version5.1.1.13
Ibm ≫ Websphere Application Server Version5.1.1.14
Ibm ≫ Websphere Application Server Version5.1.1.15
Ibm ≫ Websphere Application Server Version5.1.1.16
Ibm ≫ Websphere Application Server Version5.1.1.17
Ibm ≫ Websphere Application Server Version5.1.1.18
Ibm ≫ Websphere Application Server Version5.1.1.19
Ibm ≫ Websphere Application Server Version6.0
Ibm ≫ Websphere Application Server Version6.0.0.1
Ibm ≫ Websphere Application Server Version6.0.0.2
Ibm ≫ Websphere Application Server Version6.0.0.3
Ibm ≫ Websphere Application Server Version6.0.1
Ibm ≫ Websphere Application Server Version6.0.1.1
Ibm ≫ Websphere Application Server Version6.0.1.2
Ibm ≫ Websphere Application Server Version6.0.1.3
Ibm ≫ Websphere Application Server Version6.0.1.5
Ibm ≫ Websphere Application Server Version6.0.1.7
Ibm ≫ Websphere Application Server Version6.0.1.9
Ibm ≫ Websphere Application Server Version6.0.1.11
Ibm ≫ Websphere Application Server Version6.0.1.13
Ibm ≫ Websphere Application Server Version6.0.1.15
Ibm ≫ Websphere Application Server Version6.0.1.17
Ibm ≫ Websphere Application Server Version6.0.2
Ibm ≫ Websphere Application Server Version6.0.2.1
Ibm ≫ Websphere Application Server Version6.0.2.2
Ibm ≫ Websphere Application Server Version6.0.2.3
Ibm ≫ Websphere Application Server Version6.0.2.4
Ibm ≫ Websphere Application Server Version6.0.2.5
Ibm ≫ Websphere Application Server Version6.0.2.6
Ibm ≫ Websphere Application Server Version6.0.2.7
Ibm ≫ Websphere Application Server Version6.0.2.9
Ibm ≫ Websphere Application Server Version6.0.2.11
Ibm ≫ Websphere Application Server Version6.0.2.13
Ibm ≫ Websphere Application Server Version6.0.2.15
Ibm ≫ Websphere Application Server Version6.0.2.17
Ibm ≫ Websphere Application Server Version6.0.2.19
Ibm ≫ Websphere Application Server Version6.0.2.22
Ibm ≫ Websphere Application Server Version6.0.2.23
Ibm ≫ Websphere Application Server Version6.0.2.24
Ibm ≫ Websphere Application Server Version6.0.2.25
Ibm ≫ Websphere Application Server Version6.0.2.27
Ibm ≫ Websphere Application Server Version6.0.2.28
Ibm ≫ Websphere Application Server Version6.0.2.29
Ibm ≫ Websphere Application Server Version6.0.2.30
Ibm ≫ Websphere Application Server Version6.0.2.31
Ibm ≫ Websphere Application Server Version6.0.2.32
Ibm ≫ Websphere Application Server Version6.1
Ibm ≫ Websphere Application Server Version6.1.0
Ibm ≫ Websphere Application Server Version6.1.0.0
Ibm ≫ Websphere Application Server Version6.1.0.1
Ibm ≫ Websphere Application Server Version6.1.0.2
Ibm ≫ Websphere Application Server Version6.1.0.3
Ibm ≫ Websphere Application Server Version6.1.0.4
Ibm ≫ Websphere Application Server Version6.1.0.5
Ibm ≫ Websphere Application Server Version6.1.0.6
Ibm ≫ Websphere Application Server Version6.1.0.7
Ibm ≫ Websphere Application Server Version6.1.0.8
Ibm ≫ Websphere Application Server Version6.1.0.9
Ibm ≫ Websphere Application Server Version6.1.0.10
Ibm ≫ Websphere Application Server Version6.1.0.11
Ibm ≫ Websphere Application Server Version6.1.0.12
Ibm ≫ Websphere Application Server Version6.1.0.13
Ibm ≫ Websphere Application Server Version6.1.0.14
Ibm ≫ Websphere Application Server Version6.1.0.15
Ibm ≫ Websphere Application Server Version6.1.0.16
Ibm ≫ Websphere Application Server Version6.1.0.17
Ibm ≫ Websphere Application Server Version6.1.0.18
Ibm ≫ Websphere Application Server Version6.1.0.19
Ibm ≫ Websphere Application Server Version6.1.0.20
Ibm ≫ Websphere Application Server Version6.1.0.21
Ibm ≫ Websphere Application Server Version6.1.0.22
Ibm ≫ Websphere Application Server Version6.1.1
Ibm ≫ Websphere Application Server Version6.1.3
Ibm ≫ Websphere Application Server Version6.1.5
Ibm ≫ Websphere Application Server Version6.1.6
Ibm ≫ Websphere Application Server Version6.1.7
Ibm ≫ Websphere Application Server Version6.1.13
Ibm ≫ Websphere Application Server Version6.1.14
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Typ | Quelle | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.37% | 0.577 |
Quelle | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:P
|
CWE-59 Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.