Cross site request forgery (csrf)

2019-06-2516:15:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.3%

JSON

IBM API Connect 5.0.0.0 through 5.0.8.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256.

CPENameOperatorVersion
api_connectge5.0.0.0
api_connectle5.0.8.6

CPE	Name	Operator	Version
	api_connect	ge	5.0.0.0
	api_connect	le	5.0.8.6

References

www.ibm.com/support/docview.wss?uid=ibm10794169

www.securityfocus.com/bid/108898

www.securityfocus.com/bid/109111

exchange.xforce.ibmcloud.com/vulnerabilities/151256