Lucene search
HistoryMar 29, 2013 - 4:08 p.m.
CVE-2013-0452
ibm
tivoli
endpoint manager
csrf
vulnerability
sua application
nvd
cve-2013-0452
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
48.7%
Cross-site request forgery (CSRF) vulnerability in the Software Use Analysis (SUA) application before 1.3.3 in IBM Tivoli Endpoint Manager 8.2 allows remote attackers to hijack the authentication of arbitrary users via a web site that contains crafted Flash Action Message Format (AMF) messages.
Affected configurations
Node
ibmsoftware_use_analysisRange≤1.3.2
ORibmtivoli_endpoint_managerMatch8.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | software_use_analysis | cpe:/a:ibm:software_use_analysis:::: | |
| ibm | tivoli_endpoint_manager | 8.2 | cpe:/a:ibm:tivoli_endpoint_manager:8.2::: |
Related
cvelist
cvelist
CVE-2013-0452
2013-03-29 10:00:00
prion
prion
Cross site request forgery (csrf)
2013-03-29 16:08:00
nvd
nvd
CVE-2013-0452
2013-03-29 16:08:58
nessus
nessus
IBM Tivoli Endpoint Manager Server < 8.2.1372 Multiple Vulnerabilities
2013-04-30 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
48.7%
Related for CVE-2013-0452