Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-5443

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2013-5443
Last Modified 26 Mar 2014 11:12:00
Published 25 Mar 2014 04:55:06
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-5443

Summary

Cross-site request forgery (CSRF) vulnerability in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to hijack the authentication of arbitrary users.

Vulnerable Systems

Application

  • Ibm Cognos Express 10.1

  • Ibm Cognos Express 10.2.1

  • Ibm Cognos Express 9.0

  • Ibm Cognos Express 9.5


References

XF - ibm-cognos-cve20135443-csrf(87819)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21667626


Last Updated: 27 May 2016 10:53:57