Description
IBM Content Navigator 3.0CD could allow attackers to direct web traffic to a malicious site. If attackers make a fake IBM Content Navigator site, they can send a link to ICN users to send request to their Edit client directly. Then Edit client will download documents from the fake ICN website. IBM X-Force ID: 156001.
CVSS breakdown
CVSS 3.0
Availability
Low
User Interaction
None
Privileges Required
Low
Attack Complexity
Low
Scope
Unchanged
Attack Vector
Network
Confidentiality
Low
Integrity
Low
RL
O
E
Unchanged
RC
Changed
Affected products
- ibm / content_navigator3.0CD – 3.0CD