CVE-2014-3054

EPSS 0.31%
Veröffentlicht 29.07.2014 20:55:08
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@us.ibm.com
Teams Watchlist Login
Unerledigt Login

Multiple open redirect vulnerabilities in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Websphere Portal Version7.0.0.0

Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf003

Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf004

Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf005

Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf006

Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf007

Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf008

Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf009

Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf010

Ibm ≫ Websphere Portal Version7.0.0.1 Updatecf019

Ibm ≫ Websphere Portal Version7.0.0.2

Ibm ≫ Websphere Portal Version7.0.0.2 Update-

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf011

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf012

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf013

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf014

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf015

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf016

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf017

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf018

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf019

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf020

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf021

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf022

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf23

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf24

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf25

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf26

Ibm ≫ Websphere Portal Version7.0.0.2 Updatecf27

Ibm ≫ Websphere Portal Version8.0.0.0

Ibm ≫ Websphere Portal Version8.0.0.0 Updatecf01

Ibm ≫ Websphere Portal Version8.0.0.0 Updatecf02

Ibm ≫ Websphere Portal Version8.0.0.0 Updatecf03

Ibm ≫ Websphere Portal Version8.0.0.0 Updatecf04

Ibm ≫ Websphere Portal Version8.0.0.0 Updatecf05

Ibm ≫ Websphere Portal Version8.0.0.1

Ibm ≫ Websphere Portal Version8.0.0.1 Updatecf04

Ibm ≫ Websphere Portal Version8.0.0.1 Updatecf05

Ibm ≫ Websphere Portal Version8.0.0.1 Updatecf06

Ibm ≫ Websphere Portal Version8.0.0.1 Updatecf07

Ibm ≫ Websphere Portal Version8.0.0.1 Updatecf08

Ibm ≫ Websphere Portal Version8.0.0.1 Updatecf09

Ibm ≫ Websphere Portal Version8.0.0.1 Updatecf12

Ibm ≫ Websphere Portal Unified Task List Portlet Version6.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.31%	0.513

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N

http://secunia.com/advisories/60499

http://www-01.ibm.com/support/docview.wss?uid=swg1PI18909

http://www-01.ibm.com/support/docview.wss?uid=swg21677032

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/93528

https://nvd.nist.gov/vuln/detail/CVE-2014-3054

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-3054

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-3054

EUVD