What is the severity of CVE-2014-0845?

The severity of CVE-2014-0845 is considered medium due to its potential for phishing attacks.

How do I fix CVE-2014-0845?

To fix CVE-2014-0845, upgrade IBM Rational Requirements Composer to version 3.0.1.6 iFix2 or later, or Rational DOORS Next Generation to version 4.0.6 or later.

Who is affected by CVE-2014-0845?

CVE-2014-0845 affects IBM Rational Requirements Composer versions 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, as well as Rational DOORS Next Generation versions 4.x before 4.0.6.

What is an open redirect vulnerability related to CVE-2014-0845?

An open redirect vulnerability allows an attacker to redirect users to any website of their choice, potentially facilitating phishing attacks.

Can CVE-2014-0845 be exploited remotely?

Yes, CVE-2014-0845 can be exploited remotely by authenticated users through crafted URLs.

Vulnerability/
CVE-2014-0845

medium

4.9

CWE

4/3/2014

6/8/2024

CVE-2014-0845: Input Validation

First published: Tue Mar 04 2014(Updated: )

Open redirect vulnerability in IBM Rational Requirements Composer 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, and Rational DOORS Next Generation 4.x before 4.0.6, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Rational Requirements Composer	=3.0.1
IBM Rational Requirements Composer	=3.0.1.1
IBM Rational Requirements Composer	=3.0.1.2
IBM Rational Requirements Composer	=3.0.1.3
IBM Rational Requirements Composer	=3.0.1.4
IBM Rational Requirements Composer	=3.0.1.5
IBM Rational Requirements Composer	=3.0.1.6
IBM Rational Requirements Composer	=4.0.0
IBM Rational Requirements Composer	=4.0.0.1
IBM Rational Requirements Composer	=4.0.0.2
IBM Rational Requirements Composer	=4.0.1
IBM Rational Requirements Composer	=4.0.2
IBM Rational Requirements Composer	=4.0.3
IBM Rational Requirements Composer	=4.0.4
IBM Rational Requirements Composer	=4.0.5
IBM Engineering Requirements Management DOORS Next Generation	=4.0.0
IBM Engineering Requirements Management DOORS Next Generation	=4.0.1
IBM Engineering Requirements Management DOORS Next Generation	=4.0.2
IBM Engineering Requirements Management DOORS Next Generation	=4.0.3
IBM Engineering Requirements Management DOORS Next Generation	=4.0.4
IBM Engineering Requirements Management DOORS Next Generation	=4.0.5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0845?
The severity of CVE-2014-0845 is considered medium due to its potential for phishing attacks.
How do I fix CVE-2014-0845?
To fix CVE-2014-0845, upgrade IBM Rational Requirements Composer to version 3.0.1.6 iFix2 or later, or Rational DOORS Next Generation to version 4.0.6 or later.
Who is affected by CVE-2014-0845?
CVE-2014-0845 affects IBM Rational Requirements Composer versions 3.x before 3.0.1.6 iFix2 and 4.x before 4.0.6, as well as Rational DOORS Next Generation versions 4.x before 4.0.6.
What is an open redirect vulnerability related to CVE-2014-0845?
An open redirect vulnerability allows an attacker to redirect users to any website of their choice, potentially facilitating phishing attacks.
Can CVE-2014-0845 be exploited remotely?
Yes, CVE-2014-0845 can be exploited remotely by authenticated users through crafted URLs.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/references
agent/last-modified-date
agent/description
agent/author
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm rational requirements composer
version/ibm rational requirements composer/3.0.1
version/ibm rational requirements composer/3.0.1.1
version/ibm rational requirements composer/3.0.1.2
version/ibm rational requirements composer/3.0.1.3
version/ibm rational requirements composer/3.0.1.4
version/ibm rational requirements composer/3.0.1.5
version/ibm rational requirements composer/3.0.1.6
version/ibm rational requirements composer/4.0.0
version/ibm rational requirements composer/4.0.0.1
version/ibm rational requirements composer/4.0.0.2
version/ibm rational requirements composer/4.0.1
version/ibm rational requirements composer/4.0.2
version/ibm rational requirements composer/4.0.3
version/ibm rational requirements composer/4.0.4
version/ibm rational requirements composer/4.0.5
canonical/ibm engineering requirements management doors next generation
version/ibm engineering requirements management doors next generation/4.0.0
version/ibm engineering requirements management doors next generation/4.0.1
version/ibm engineering requirements management doors next generation/4.0.2
version/ibm engineering requirements management doors next generation/4.0.3
version/ibm engineering requirements management doors next generation/4.0.4
version/ibm engineering requirements management doors next generation/4.0.5