Cross-Site Request Forgery Vulnerability in IBM Rational AppScan Enterprise
CVE-2012-0730

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Appscan
Vendor: CVE Published:; 3 May 2012

Summary

Multiple cross-site request forgery vulnerabilities exist in IBM Rational AppScan Enterprise versions 5.x and 8.x prior to 8.5.0.1. These vulnerabilities can be exploited by remote attackers to hijack the authentication of administrators and create unauthorized administrative accounts without their consent. This allows attackers to manipulate sensitive operations within the application, potentially leading to further exploits.

References

http://secunia.com/advisories/48967

third-party-advisoryx_refsource_SECUNIA

http://www.ibm.com/support/docview.wss?uid=swg21592188

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/74370

vdb-entryx_refsource_XF

Timeline

Vulnerability published
May 3, 2012
Vulnerability Reserved
Jan 17, 2012