3 matches found
CVE-2012-2959
Cross-site request forgery CSRF vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords...
CVE-2012-2959
CVE-2012-2959 is a CSRF vulnerability affecting BMC Identity Management Suite v7.5.00.103 (and potentially other versions) in the password-manager/changePasswords.do endpoint. An unauthenticated attacker could trick a logged-in administrator into submitting a request that changes user passwords, ...
CVE-2012-2959
Cross-site request forgery CSRF vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords...