Remote Security Bypass in IBM Rational Asset Manager 7.5
CVE-2011-4820

4.3MEDIUM

Key Information:

Vendor: IBM
Status: Rational Asset Manager
Vendor: CVE Published:; 29 September 2022

Summary

The vulnerability in IBM Rational Asset Manager 7.5 allows remote attackers to bypass established security protocols. By exploiting the UID parameter, attackers can gain unauthorized access and modify preferences of other users, potentially compromising user data and system integrity. This flaw underscores the necessity for robust security measures and timely updates to safeguard sensitive information from unauthorized manipulation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/71161

vdb-entryx_refsource_XF

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 29, 2022
Vulnerability Reserved
Dec 14, 2011