Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Security Secret Server 10.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 170001.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Security Secret Server 输入验证错误漏洞
Vulnerability Description
IBM Security Secret Server是美国IBM公司的一套特权访问管理解决方案。该产品支持密码管理、特权账号识别和特权会话访问监控记录等功能。 IBM Security Secret Server 10.7版本中存在输入验证错误漏洞。远程攻击者可通过诱使用户点击特制的网站利用该漏洞伪造所显示的URL,进而将用户重定向到恶意的网站,进而获取敏感信息或实施进一步攻击。
CVSS Information
N/A
Vulnerability Type
N/A