Remote User Impersonation in IBM Data Growth Solution for Oracle E-Business Suite
CVE-2013-0579

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Optim Data Growth For Oracle E-business Suite
Vendor: CVE Published:; 10 October 2013

Summary

The Optim E-Business Console in IBM's Data Growth Solution for Oracle E-business Suite allows remote attackers to impersonate any user by taking advantage of a session fixation vulnerability. This can occur both pre-authentication and post-authentication, enabling unauthorized access to sensitive user data. Attackers can exploit this weakness by gaining access to a legitimate user's web browser, leading to potential data breaches and unauthorized actions within the application.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/83331

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21651990

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 10, 2013
Vulnerability Reserved
Dec 16, 2012