Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Open redirect vulnerability in IBM Cloud Orchestrator 2.4.x before 2.4.0 FP3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Cloud Orchestrator 开放重定向漏洞
Vulnerability Description
IBM Cloud Orchestrator是美国IBM公司的一套为IT服务提供云管理、加快软件与基础架构交付的解决方案。该方案提供扩展内部和外部部署云服务以及应用程序接口和工具扩展与现有环境集成等功能。 IBM Cloud Orchestrator中存在开放重定向漏洞。远程攻击者可通过使用‘page'参数利用该漏洞重定向用户到任意网站,实施钓鱼攻击。以下版本受到影响:IBM Cloud Orchestrator 2.4,2.4.0.1,2.4.0.2,2.4.0.2 Interim Fix1。
CVSS Information
N/A
Vulnerability Type
N/A