CVE-2016-2989

Published: Aug 8, 2016Modified: May 6, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Open redirect vulnerability in the Connections Portlets component 5.x before 5.0.2 for IBM WebSphere Portal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected (1)

Products: Ibm: Connections Portlets

Ibm

1 product

Connections Portlets

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Connections Portlets	Version 5.0

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (6)

http://www-01.ibm.com/support/docview.wss?uid=swg21986393

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www.securityfocus.com/bid/92344

Source: psirt@us.ibm.com

http://www.securitytracker.com/id/1036498

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21986393

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/92344

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1036498

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.