Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-4057

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2013-4057
Last Modified 18 Jul 2014 01:15:37
Published 16 Mar 2014 10:06:44
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-4057

Summary

Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM InfoSphere Information Server 8.5.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allows remote attackers to hijack the authentication of arbitrary users.

Vulnerable Systems

Application

  • Ibm Infosphere Information Server 8.5

  • Ibm Infosphere Information Server 8.5.0.1

  • Ibm Infosphere Information Server 8.5.0.2

  • Ibm Infosphere Information Server 8.5.0.3

  • Ibm Infosphere Information Server 8.7

  • Ibm Infosphere Information Server 8.7.0.1

  • Ibm Infosphere Information Server 8.7.0.2

  • Ibm Infosphere Information Server 9.1

  • Ibm Infosphere Information Server 9.1.0.1

  • Ibm Infosphere Information Server 9.1.2


References

XF - ibm-infosphere-cve20134057-csrf(86546)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21666684

AIXAPAR - JR49206

AIXAPAR - JR49200

AIXAPAR - JR48815

BID - 66154


Last Updated: 27 May 2016 11:04:39