Arbitrary Redirection and Phishing Vulnerability in IBM WebSphere Application Server (WAS) Liberty

Arbitrary Redirection and Phishing Vulnerability in IBM WebSphere Application Server (WAS) Liberty

CVE-2016-3040 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:N

IBM WebSphere Application Server (WAS) Liberty, as used in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Learn more about our Cis Benchmark Audit For Ibm Websphere.