Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
2013-11-01T02:55:04.963
2025-04-11T00:51:21.963
Deferred
CVSSv2: 5.8 (MEDIUM)
AV:N/AC:M/Au:N/C:P/I:P/A:N
8.6
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | tivoli_federated_identity_manager | 6.1.1 | Yes |
| Application | ibm | tivoli_federated_identity_manager | 6.2.0 | Yes |
| Application | ibm | tivoli_federated_identity_manager | 6.2.1 | Yes |
| Application | ibm | tivoli_federated_identity_manager | 6.2.2 | Yes |
| Application | ibm | tivoli_federated_identity_manager_business_gateway | 6.1.1 | Yes |
| Application | ibm | tivoli_federated_identity_manager_business_gateway | 6.2.0 | Yes |
| Application | ibm | tivoli_federated_identity_manager_business_gateway | 6.2.1 | Yes |
| Application | ibm | tivoli_federated_identity_manager_business_gateway | 6.2.2 | Yes |