CVE-2018-1654 is a vulnerability in IBM Curam Social Program Management

CVE-2018-1654 is a vulnerability in IBM Curam Social Program Management
Published on December 11, 2018

IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 144747.

Products Associated with CVE-2018-1654

Want to know whenever a new CVE is published for IBM Curam Social Program Management? stack.watch will email you.

Affected Versions

Version 6.0.5 is affected.

Version 6.1.1 is affected.

Version 6.2.0 is affected.

Version 7.0.1 is affected.

Version 7.0.3 is affected.

Exploit Probability

EPSS

0.18%

Percentile

39.24%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-1654 is a vulnerability in IBM Curam Social Program ManagementPublished on December 11, 2018

Products Associated with CVE-2018-1654

Affected Versions

Exploit Probability

CVE-2018-1654 is a vulnerability in IBM Curam Social Program Management
Published on December 11, 2018