Cross-Site Request Forgery in IBM Workplace for Business Controls
CVE-2008-6106

Currently unrated

Key Information:

Vendor: IBM
Status: Workplace For Business Controls And Reporting; Workplace Web Content Management
Vendor: CVE Published:; 10 February 2009

What is CVE-2008-6106?

A cross-site request forgery (CSRF) vulnerability exists in IBM Workplace for Business Controls and Reporting versions 2.x and IBM Workplace Web Content Management 6.x. This vulnerability can lead to unauthorized actions being executed on behalf of an authenticated user, without their consent. Attackers can exploit this weakness using remote methods, potentially causing significant disruption and data breaches. It is essential for users of these IBM products to assess their security measures and apply any recommended patches or mitigations to protect their environments.

References

http://www.securitytracker.com/id?1020236

vdb-entryx_refsource_SECTRACK

http://www-1.ibm.com/support/docview.wss?uid=swg1PJ33180

vendor-advisoryx_refsource_AIXAPAR

http://secunia.com/advisories/30433

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2009
Vulnerability Reserved
Feb 10, 2009