Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 6.8
CVE Id CVE-2013-0532
Last Modified 29 Mar 2013 01:26:20
Published 29 Mar 2013 12:09:03
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-0532

Summary

Cross-site request forgery (CSRF) vulnerability in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that cause a denial of service via malformed HTTP data.

Vulnerable Systems

Application

  • IBM Rational Policy Tester 5.6.0.0
  • IBM Rational Policy Tester 8.0.0.0
  • IBM Rational Policy Tester 8.0.0.1
  • IBM Rational Policy Tester 8.0.0.2
  • IBM Rational Policy Tester 8.0.1.0
  • IBM Rational Policy Tester 8.0.1.1
  • IBM Rational Policy Tester 8.5.0.0
  • IBM Rational Policy Tester 8.5.0.1
  • IBM Rational Policy Tester 8.5.0.2
  • IBM Rational Policy Tester 8.5.0.3
  • IBM Security AppScan 5.6.0.0
  • IBM Security AppScan 8.0.0.0
  • IBM Security AppScan 8.0.0.1
  • IBM Security AppScan 8.0.0.2
  • IBM Security AppScan 8.0.1.0
  • IBM Security AppScan 8.0.1.1
  • IBM Security AppScan 8.0.11
  • IBM Security AppScan 8.5.0.0
  • IBM Security AppScan 8.5.0.1
  • IBM Security AppScan 8.6.0.0
  • IBM Security AppScan 8.6.0.1
  • IBM Security AppScan 8.6.0.2


References

XF - appscan-cve20130532-csrf(82595)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21631304

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21626264


Last Updated: 27 May 2016 11:02:09