CVE-2013-0452

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Endpoint Manager; Software Use Analysis
Vendor: CVE Published:; 29 March 2013

Summary

Cross-site request forgery (CSRF) vulnerability in the Software Use Analysis (SUA) application before 1.3.3 in IBM Tivoli Endpoint Manager 8.2 allows remote attackers to hijack the authentication of arbitrary users via a web site that contains crafted Flash Action Message Format (AMF) messages.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/80968

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg1IV38145

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg21631350

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 29, 2013
Vulnerability Reserved
Dec 16, 2012