Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 6.0
CVE Id: CVE-2012-0730
Last Modified: 14 Feb 2013 11:53:54
Published: 03 May 2012 12:08:24
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE_INSTANCE

CVE-2012-0730

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allow remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

Vulnerable Systems

Application

  • IBM Rational AppScan 5.2
  • IBM Rational AppScan 5.4
  • IBM Rational AppScan 5.5.0
  • IBM Rational AppScan 5.5.0.1
  • IBM Rational AppScan 5.5.0.2
  • IBM Rational AppScan 5.6.0
  • IBM Rational AppScan 5.6.0.3
  • IBM Rational AppScan 8.0.0
  • IBM Rational AppScan 8.0.0.1
  • IBM Rational AppScan 8.0.0.2
  • IBM Rational AppScan 8.0.0.3
  • IBM Rational AppScan 8.0.1
  • IBM Rational AppScan 8.0.1.1
  • IBM Rational AppScan 8.5.0
  • IBM Rational AppScan 8.5.0.0


References

XF - ae-multiple-csrf(74370)

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21592188

SECUNIA - 48968

SECUNIA - 48967

BID - 53247


Last Updated: 27 May 2016 10:57:31