Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0748

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-0748
Last Modified 01 Mar 2013 11:38:57
Published 01 Oct 2012 02:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0748

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified services in IBM Rational Team Concert (RTC) 4.x before 4.0.0.1 allow remote attackers to hijack the authentication of arbitrary users for requests that modify work items.

Vulnerable Systems

Application

  • Ibm Rational Team Concert 4.0


References

XF - rtc-services-csrf(74736)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21612356

BID - 55730

SECUNIA - 50789


Last Updated: 27 May 2016 11:00:49