Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4853

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-4853
Last Modified 25 Feb 2013 11:50:51
Published 14 Nov 2012 07:30:59
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4853

Summary

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger information disclosure.

Vulnerable Systems

Application

  • Ibm Websphere Application Server 6.1

  • Ibm Websphere Application Server 6.1.0

  • Ibm Websphere Application Server 6.1.0.0

  • Ibm Websphere Application Server 6.1.0.1

  • Ibm Websphere Application Server 6.1.0.11

  • Ibm Websphere Application Server 6.1.0.12

  • Ibm Websphere Application Server 6.1.0.15

  • Ibm Websphere Application Server 6.1.0.17

  • Ibm Websphere Application Server 6.1.0.19

  • Ibm Websphere Application Server 6.1.0.2

  • Ibm Websphere Application Server 6.1.0.21

  • Ibm Websphere Application Server 6.1.0.23

  • Ibm Websphere Application Server 6.1.0.25

  • Ibm Websphere Application Server 6.1.0.27

  • Ibm Websphere Application Server 6.1.0.29

  • Ibm Websphere Application Server 6.1.0.3

  • Ibm Websphere Application Server 6.1.0.31

  • Ibm Websphere Application Server 6.1.0.33

  • Ibm Websphere Application Server 6.1.0.35

  • Ibm Websphere Application Server 6.1.0.37

  • Ibm Websphere Application Server 6.1.0.39

  • Ibm Websphere Application Server 6.1.0.41

  • Ibm Websphere Application Server 6.1.0.43

  • Ibm Websphere Application Server 6.1.0.5

  • Ibm Websphere Application Server 6.1.0.7

  • Ibm Websphere Application Server 6.1.0.9

  • Ibm Websphere Application Server 6.1.1

  • Ibm Websphere Application Server 6.1.13

  • Ibm Websphere Application Server 6.1.14

  • Ibm Websphere Application Server 6.1.3

  • Ibm Websphere Application Server 6.1.5

  • Ibm Websphere Application Server 6.1.6

  • Ibm Websphere Application Server 6.1.7

  • Ibm Websphere Application Server 7.0

  • Ibm Websphere Application Server 7.0.0.1

  • Ibm Websphere Application Server 7.0.0.11

  • Ibm Websphere Application Server 7.0.0.13

  • Ibm Websphere Application Server 7.0.0.15

  • Ibm Websphere Application Server 7.0.0.17

  • Ibm Websphere Application Server 7.0.0.19

  • Ibm Websphere Application Server 7.0.0.2

  • Ibm Websphere Application Server 7.0.0.21

  • Ibm Websphere Application Server 7.0.0.23

  • Ibm Websphere Application Server 7.0.0.3

  • Ibm Websphere Application Server 7.0.0.4

  • Ibm Websphere Application Server 7.0.0.5

  • Ibm Websphere Application Server 7.0.0.6

  • Ibm Websphere Application Server 7.0.0.7

  • Ibm Websphere Application Server 7.0.0.8

  • Ibm Websphere Application Server 7.0.0.9

  • Ibm Websphere Application Server 8.0.0.0

  • Ibm Websphere Application Server 8.0.0.1

  • Ibm Websphere Application Server 8.0.0.2

  • Ibm Websphere Application Server 8.0.0.3

  • Ibm Websphere Application Server 8.0.0.4

  • Ibm Websphere Application Server 8.5.0.0


References

XF - was-wasrequrl-csrf(79598)

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21614265

AIXAPAR - PM62920

BID - 56458


Last Updated: 27 May 2016 10:58:28