Lucene search

IbmCVE-2012-0730

HistoryMay 03, 2012 - 4:08 a.m.

CVE-2012-0730

2012-05-0304:08:24

CWE-352

ibm

web.nvd.nist.gov

ibm rational

appscan

csrf

cross-site request forgery

vulnerabilities

security

nvd

cve-2012-0730

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

48.7%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allow remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

Affected configurations

Nvd

Node

ibmrational_appscanMatch5.2enterprise

ibmrational_appscanMatch5.4enterprise

ibmrational_appscanMatch5.5.0enterprise

ibmrational_appscanMatch5.5.0.1enterprise

ibmrational_appscanMatch5.5.0.2enterprise

ibmrational_appscanMatch5.6.0enterprise

ibmrational_appscanMatch5.6.0.3enterprise

ibmrational_appscanMatch8.0.0enterprise

ibmrational_appscanMatch8.0.0.1enterprise

ibmrational_appscanMatch8.0.0.2enterprise

ibmrational_appscanMatch8.0.0.3enterprise

ibmrational_appscanMatch8.0.1enterprise

ibmrational_appscanMatch8.0.1.1enterprise

ibmrational_appscanMatch8.5.0enterprise

ibmrational_appscanMatch8.5.0.0enterprise

VendorProductVersionCPE
ibmrational_appscan5.2cpe:2.3:a:ibm:rational_appscan:5.2:*:enterprise:*:*:*:*:*
ibmrational_appscan5.4cpe:2.3:a:ibm:rational_appscan:5.4:*:enterprise:*:*:*:*:*
ibmrational_appscan5.5.0cpe:2.3:a:ibm:rational_appscan:5.5.0:*:enterprise:*:*:*:*:*
ibmrational_appscan5.5.0.1cpe:2.3:a:ibm:rational_appscan:5.5.0.1:*:enterprise:*:*:*:*:*
ibmrational_appscan5.5.0.2cpe:2.3:a:ibm:rational_appscan:5.5.0.2:*:enterprise:*:*:*:*:*
ibmrational_appscan5.6.0cpe:2.3:a:ibm:rational_appscan:5.6.0:*:enterprise:*:*:*:*:*
ibmrational_appscan5.6.0.3cpe:2.3:a:ibm:rational_appscan:5.6.0.3:*:enterprise:*:*:*:*:*
ibmrational_appscan8.0.0cpe:2.3:a:ibm:rational_appscan:8.0.0:*:enterprise:*:*:*:*:*
ibmrational_appscan8.0.0.1cpe:2.3:a:ibm:rational_appscan:8.0.0.1:*:enterprise:*:*:*:*:*
ibmrational_appscan8.0.0.2cpe:2.3:a:ibm:rational_appscan:8.0.0.2:*:enterprise:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	rational_appscan	5.2	cpe:2.3:a:ibm:rational_appscan:5.2::enterprise:::::
ibm	rational_appscan	5.4	cpe:2.3:a:ibm:rational_appscan:5.4::enterprise:::::
ibm	rational_appscan	5.5.0	cpe:2.3:a:ibm:rational_appscan:5.5.0::enterprise:::::
ibm	rational_appscan	5.5.0.1	cpe:2.3:a:ibm:rational_appscan:5.5.0.1::enterprise:::::
ibm	rational_appscan	5.5.0.2	cpe:2.3:a:ibm:rational_appscan:5.5.0.2::enterprise:::::
ibm	rational_appscan	5.6.0	cpe:2.3:a:ibm:rational_appscan:5.6.0::enterprise:::::
ibm	rational_appscan	5.6.0.3	cpe:2.3:a:ibm:rational_appscan:5.6.0.3::enterprise:::::
ibm	rational_appscan	8.0.0	cpe:2.3:a:ibm:rational_appscan:8.0.0::enterprise:::::
ibm	rational_appscan	8.0.0.1	cpe:2.3:a:ibm:rational_appscan:8.0.0.1::enterprise:::::
ibm	rational_appscan	8.0.0.2	cpe:2.3:a:ibm:rational_appscan:8.0.0.2::enterprise:::::

Rows per page:

1-10 of 151

References

secunia.com/advisories/48967

secunia.com/advisories/48968

www.ibm.com/support/docview.wss?uid=swg21592188

www.securityfocus.com/bid/53247

exchange.xforce.ibmcloud.com/vulnerabilities/74370

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

48.7%

JSON

Related for CVE-2012-0730