Cross-Site Request Forgery Vulnerability in IBM Data Studio
CVE-2013-2980

Currently unrated

Key Information:

Vendor: IBM
Status: Data Studio
Vendor: CVE Published:; 17 June 2013

Summary

The vulnerability in IBM Data Studio affects versions 3.1.0 and 3.1.1, allowing remote attackers to perform cross-site request forgery attacks. By exploiting this CSRF flaw, attackers can hijack the authentication of users, enabling unauthorized access to sensitive monitored database information. This poses significant security risks for organizations using the affected versions, as unprotected web interfaces can be manipulated to execute malicious commands on behalf of authenticated users.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/84113

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21638733

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 17, 2013
Vulnerability Reserved
Apr 12, 2013