CVE-2013-2961 Information
Description
The internal web server in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3 6.2.1 through FP4 6.2.2 through FP9 and 6.2.3 before FP3 as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products allows remote attackers to perform unspecified redirection of HTTP requests and bypass the proxy-server configuration via crafted HTTP traffic.
Reference
http://www-01.ibm.com/support/docview.wss?uid=swg1IV27192 http://www-01.ibm.com/support/docview.wss?uid=swg1IV30187 http://www-01.ibm.com/support/docview.wss?uid=swg1IV40115 http://www-01.ibm.com/support/docview.wss?uid=swg1IV40116 http://www-01.ibm.com/support/docview.wss?uid=swg21635080 http://www-01.ibm.com/support/docview.wss?uid=swg21640752 https://exchange.xforce.ibmcloud.com/vulnerabilities/83725 itm-cve20132961-url-redirect(83725)
Share on: