Cross site request forgery (csrf)

2017-09-1815:29:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.9%

JSON

Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1, 6.0, and 7.0 allows remote attackers to hijack the authentication of users for requests that can cause cross-site scripting attacks, web cache poisoning, or other unspecified impacts via unknown vectors.

CPENameOperatorVersion
security_identity_managereq5.1.0.6
security_identity_managereq5.1.0.10
security_identity_managereq5.1.0.9
security_identity_managereq6.0.0.3
security_identity_managereq5.1.0.3
security_identity_managereq6.0.0.2
security_identity_managereq5.1.0
security_identity_managereq6.0.0.0
security_identity_managereq5.1.0.5
security_identity_managereq5.1.0.15

Name	Operator	Version
security_identity_manager	eq	5.1.0.6
security_identity_manager	eq	5.1.0.10
security_identity_manager	eq	5.1.0.9
security_identity_manager	eq	6.0.0.3
security_identity_manager	eq	5.1.0.3
security_identity_manager	eq	6.0.0.2
security_identity_manager	eq	5.1.0
security_identity_manager	eq	6.0.0.0
security_identity_manager	eq	5.1.0.5
security_identity_manager	eq	5.1.0.15