Lucene search

[email protected]CVE-2013-0532

HistoryMar 29, 2013 - 4:09 p.m.

CVE-2013-0532

2013-03-2916:09:03

CWE-352

[email protected]

web.nvd.nist.gov

cve

2013

0532

csrf

vulnerability

ibm

security

appscan

enterprise

rational

policy

tester

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.3%

JSON

Cross-site request forgery (CSRF) vulnerability in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that cause a denial of service via malformed HTTP data.

Affected configurations

NVD

Node

ibmsecurity_appscanMatch5.6.0.0-enterprise

ibmsecurity_appscanMatch8.0.0.0-enterprise

ibmsecurity_appscanMatch8.0.0.1-enterprise

ibmsecurity_appscanMatch8.0.0.2-enterprise

ibmsecurity_appscanMatch8.0.1.0-enterprise

ibmsecurity_appscanMatch8.0.1.1-enterprise

ibmsecurity_appscanMatch8.0.11-enterprise

ibmsecurity_appscanMatch8.5.0.0-enterprise

ibmsecurity_appscanMatch8.5.0.1-enterprise

ibmsecurity_appscanMatch8.6.0.0-enterprise

ibmsecurity_appscanMatch8.6.0.1-enterprise

ibmsecurity_appscanMatch8.6.0.2-enterprise

Node

ibmrational_policy_testerMatch5.6.0.0

ibmrational_policy_testerMatch8.0.0.0

ibmrational_policy_testerMatch8.0.0.1

ibmrational_policy_testerMatch8.0.0.2

ibmrational_policy_testerMatch8.0.1.0

ibmrational_policy_testerMatch8.0.1.1

ibmrational_policy_testerMatch8.5.0.0

ibmrational_policy_testerMatch8.5.0.1

ibmrational_policy_testerMatch8.5.0.2

ibmrational_policy_testerMatch8.5.0.3

CPENameOperatorVersion
ibm:security_appscanibm security appscaneq5.6.0.0
ibm:security_appscanibm security appscaneq8.0.0.0
ibm:security_appscanibm security appscaneq8.0.0.1
ibm:security_appscanibm security appscaneq8.0.0.2
ibm:security_appscanibm security appscaneq8.0.1.0
ibm:security_appscanibm security appscaneq8.0.1.1
ibm:security_appscanibm security appscaneq8.0.11
ibm:security_appscanibm security appscaneq8.5.0.0
ibm:security_appscanibm security appscaneq8.5.0.1
ibm:security_appscanibm security appscaneq8.6.0.0

CPE	Name	Operator	Version
ibm:security_appscan	ibm security appscan	eq	5.6.0.0
ibm:security_appscan	ibm security appscan	eq	8.0.0.0
ibm:security_appscan	ibm security appscan	eq	8.0.0.1
ibm:security_appscan	ibm security appscan	eq	8.0.0.2
ibm:security_appscan	ibm security appscan	eq	8.0.1.0
ibm:security_appscan	ibm security appscan	eq	8.0.1.1
ibm:security_appscan	ibm security appscan	eq	8.0.11
ibm:security_appscan	ibm security appscan	eq	8.5.0.0
ibm:security_appscan	ibm security appscan	eq	8.5.0.1
ibm:security_appscan	ibm security appscan	eq	8.6.0.0

Rows per page:

1-10 of 121

References

www-01.ibm.com/support/docview.wss?uid=swg21626264

www-01.ibm.com/support/docview.wss?uid=swg21631304

exchange.xforce.ibmcloud.com/vulnerabilities/82595

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.3%

JSON

Related for CVE-2013-0532

prion1 cvelist1 nvd1