Lucene search
IbmCVE-2012-3309HistoryAug 29, 2012 - 10:55 p.m.
CVE-2012-3309
2012-08-2922:55:01
CWE-352
ibm
web.nvd.nist.gov
35
ibm
infosphere
guardium
csrf
vulnerability
account creation
authentication
administrators
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.002
Percentile
55.3%
Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and earlier, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
Affected configurations
Node
ibminfosphere_guardiumRange≤8.2
ORibminfosphere_guardiumMatch8.00
ORibminfosphere_guardiumMatch8.01
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | infosphere_guardium | * | cpe:2.3:a:ibm:infosphere_guardium:*:*:*:*:*:*:*:* |
| ibm | infosphere_guardium | 8.00 | cpe:2.3:a:ibm:infosphere_guardium:8.00:*:*:*:*:*:*:* |
| ibm | infosphere_guardium | 8.01 | cpe:2.3:a:ibm:infosphere_guardium:8.01:*:*:*:*:*:*:* |
Related
ibm
ibm
cvelist
cvelist
CVE-2012-3309
2012-08-29 22:00:00
nvd
nvd
CVE-2012-3309
2012-08-29 22:55:01
prion
prion
Cross site request forgery (csrf)
2012-08-29 22:55:00
ptsecurity
ptsecurity
PT-2012-15: Multiple vulnerabilities in IBM InfoSphere Guardium
2012-08-30 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.002
Percentile
55.3%
Related for CVE-2012-3309