Cross site request forgery (csrf)

2012-09-1017:55:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

65.5%

JSON

Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CPENameOperatorVersion
change_and_configuration_management_databaseeq7.0
change_and_configuration_management_databaseeq6.0
maximo_asset_managementeq6.2.0.0
maximo_asset_managementeq7.5.0.0
maximo_asset_managementeq7.1.0.0
maximo_service_deskeq6.2
smartcloud_control_deskeq7.0
tivoli_asset_management_for_iteq7.0
tivoli_asset_management_for_iteq7.2
tivoli_asset_management_for_iteq7.1

Name	Operator	Version
change_and_configuration_management_database	eq	7.0
change_and_configuration_management_database	eq	6.0
maximo_asset_management	eq	6.2.0.0
maximo_asset_management	eq	7.5.0.0
maximo_asset_management	eq	7.1.0.0
maximo_service_desk	eq	6.2
smartcloud_control_desk	eq	7.0
tivoli_asset_management_for_it	eq	7.0
tivoli_asset_management_for_it	eq	7.2
tivoli_asset_management_for_it	eq	7.1