Lucene search

K
nvd[email protected]NVD:CVE-2012-0730
HistoryMay 03, 2012 - 4:08 a.m.

CVE-2012-0730

2012-05-0304:08:24
CWE-352
web.nvd.nist.gov
2
cve-2012-0730
cross-site request forgery
ibm rational appscan enterprise
remote attackers
authentication hijacking
administrative accounts

CVSS2

6

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

48.7%

Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allow remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

Affected configurations

Nvd
Node
ibmrational_appscanMatch5.2enterprise
OR
ibmrational_appscanMatch5.4enterprise
OR
ibmrational_appscanMatch5.5.0enterprise
OR
ibmrational_appscanMatch5.5.0.1enterprise
OR
ibmrational_appscanMatch5.5.0.2enterprise
OR
ibmrational_appscanMatch5.6.0enterprise
OR
ibmrational_appscanMatch5.6.0.3enterprise
OR
ibmrational_appscanMatch8.0.0enterprise
OR
ibmrational_appscanMatch8.0.0.1enterprise
OR
ibmrational_appscanMatch8.0.0.2enterprise
OR
ibmrational_appscanMatch8.0.0.3enterprise
OR
ibmrational_appscanMatch8.0.1enterprise
OR
ibmrational_appscanMatch8.0.1.1enterprise
OR
ibmrational_appscanMatch8.5.0enterprise
OR
ibmrational_appscanMatch8.5.0.0enterprise
VendorProductVersionCPE
ibmrational_appscan5.2cpe:2.3:a:ibm:rational_appscan:5.2:*:enterprise:*:*:*:*:*
ibmrational_appscan5.4cpe:2.3:a:ibm:rational_appscan:5.4:*:enterprise:*:*:*:*:*
ibmrational_appscan5.5.0cpe:2.3:a:ibm:rational_appscan:5.5.0:*:enterprise:*:*:*:*:*
ibmrational_appscan5.5.0.1cpe:2.3:a:ibm:rational_appscan:5.5.0.1:*:enterprise:*:*:*:*:*
ibmrational_appscan5.5.0.2cpe:2.3:a:ibm:rational_appscan:5.5.0.2:*:enterprise:*:*:*:*:*
ibmrational_appscan5.6.0cpe:2.3:a:ibm:rational_appscan:5.6.0:*:enterprise:*:*:*:*:*
ibmrational_appscan5.6.0.3cpe:2.3:a:ibm:rational_appscan:5.6.0.3:*:enterprise:*:*:*:*:*
ibmrational_appscan8.0.0cpe:2.3:a:ibm:rational_appscan:8.0.0:*:enterprise:*:*:*:*:*
ibmrational_appscan8.0.0.1cpe:2.3:a:ibm:rational_appscan:8.0.0.1:*:enterprise:*:*:*:*:*
ibmrational_appscan8.0.0.2cpe:2.3:a:ibm:rational_appscan:8.0.0.2:*:enterprise:*:*:*:*:*
Rows per page:
1-10 of 151

CVSS2

6

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

48.7%

Related for NVD:CVE-2012-0730