← Back to CVEs
CVE-2016-8961
N/ADescription
IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
CVE Details
CVSS v3.1 ScoreN/A
Published2/1/2017
Last Modified4/20/2025
Sourcenvd
Honeypot Sightings0
Affected Products
hp:hp-uxibm:aixibm:bigfix_inventoryibm:license_metric_toollinux:linux_kernelmicrosoft:windowsoracle:solaris
Weaknesses (CWE)
CWE-601
References
http://www.ibm.com/support/docview.wss?uid=swg21995037(psirt@us.ibm.com)
http://www.securityfocus.com/bid/95128(psirt@us.ibm.com)
http://www.ibm.com/support/docview.wss?uid=swg21995037(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/95128(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.