CVE-2014-0845

IBM Rational Requirements Composer 3.x-3.0.1.6 and 4.x-4.0.6 - Authenticated Open Redirect

Title source: llm
STIX 2.1

Description

Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

References (3)

Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21664412
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90719
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/65916

Scores

EPSS 0.0095
EPSS Percentile 57.1%

Details

CWE
CWE-20
Status published
Products (21)
ibm/rational_doors_next_generation 4.0.0
ibm/rational_doors_next_generation 4.0.1
ibm/rational_doors_next_generation 4.0.2
ibm/rational_doors_next_generation 4.0.3
ibm/rational_doors_next_generation 4.0.4
ibm/rational_doors_next_generation 4.0.5
ibm/rational_requirements_composer 3.0.1
ibm/rational_requirements_composer 3.0.1.1
ibm/rational_requirements_composer 3.0.1.2
ibm/rational_requirements_composer 3.0.1.3
... and 11 more
Published Mar 04, 2014
Tracked Since Feb 18, 2026