Arbitrary Redirection and Phishing Vulnerability in IBM WebSphere Application Server (WAS) Liberty
CVE-2016-3040 · MEDIUM Severity
AV:N/AC:M/AU:S/C:P/I:P/A:N
IBM WebSphere Application Server (WAS) Liberty, as used in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Learn more about our Cis Benchmark Audit For Ibm Websphere.