Lucene search
HistoryMar 16, 2014 - 2:06 p.m.
CVE-2013-4057
ibm
infosphere
information server
csrf
vulnerability
xml pack
nvd
cve-2013-4057
7.2 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
65.4%
Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM InfoSphere Information Server 8.5.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allows remote attackers to hijack the authentication of arbitrary users.
Affected configurations
Node
ibminfosphere_information_serverMatch8.5
ORibminfosphere_information_serverMatch8.5.0.1
ORibminfosphere_information_serverMatch8.5.0.2
ORibminfosphere_information_serverMatch8.5.0.3
ORibminfosphere_information_serverMatch8.7
ORibminfosphere_information_serverMatch8.7.0.1
ORibminfosphere_information_serverMatch8.7.0.2
ORibminfosphere_information_serverMatch9.1
ORibminfosphere_information_serverMatch9.1.0.1
ORibminfosphere_information_serverMatch9.1.2
Related
prion
prion
Cross site request forgery (csrf)
2014-03-16 14:06:00
cvelist
cvelist
CVE-2013-4057
2014-03-16 10:00:00
nvd
nvd
CVE-2013-4057
2014-03-16 14:06:44
7.2 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
65.4%
Related for CVE-2013-4057