Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0452

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2013-0452
Last Modified 29 Mar 2013 12:00:00
Published 29 Mar 2013 12:08:58
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-0452

Summary

Cross-site request forgery (CSRF) vulnerability in the Software Use Analysis (SUA) application before 1.3.3 in IBM Tivoli Endpoint Manager 8.2 allows remote attackers to hijack the authentication of arbitrary users via a web site that contains crafted Flash Action Message Format (AMF) messages.

Vulnerable Systems

Application

  • Ibm Software Use Analysis 1.3.2

  • Ibm Tivoli Endpoint Manager 8.2


References

XF - tem-sua-csrf(80968)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21631350

AIXAPAR - IV38145


Last Updated: 27 May 2016 10:44:50