Lucene search

[email protected]CVE-2013-3992

HistoryAug 06, 2013 - 1:20 p.m.

CVE-2013-3992

2013-08-0613:20:00

CWE-352

[email protected]

web.nvd.nist.gov

cve-2013-3992

cross-site request forgery

csrf

ibm infosphere biginsights

authentication hijacking

nvd

6.6 Medium

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

50.8%

JSON

Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere BigInsights 2.0 through 2.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

CPENameOperatorVersion
ibm:infosphere_biginsightsibm infosphere biginsightseq2.0.0.0
ibm:infosphere_biginsightsibm infosphere biginsightseq2.1.0.0

CPE	Name	Operator	Version
ibm:infosphere_biginsights	ibm infosphere biginsights	eq	2.0.0.0
ibm:infosphere_biginsights	ibm infosphere biginsights	eq	2.1.0.0

References

osvdb.org/95943

secunia.com/advisories/54447

www-01.ibm.com/support/docview.wss?uid=swg21645804

www.securityfocus.com/bid/61604

www.securitytracker.com/id/1028883

exchange.xforce.ibmcloud.com/vulnerabilities/84981

6.6 Medium

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

50.8%

JSON

Related for CVE-2013-3992

prion1 cvelist1 ibm1