Cross-Site Request Forgery Vulnerabilities in IBM Cognos Command Center
CVE-2013-4000

Currently unrated

Key Information:

Vendor: IBM
Status: Cognos Command Center
Vendor: CVE Published:; 14 December 2013

Summary

IBM Cognos Command Center prior to version 10.2 has multiple vulnerabilities related to cross-site request forgery (CSRF). These vulnerabilities allow remote attackers to hijack an administrator's authentication and perform unauthorized actions, such as starting or stopping services, without the administrator's consent. This vulnerability highlights the need for enhanced security measures to protect against CSRF attacks and safeguard sensitive operations within the platform.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/85150

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21657932

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 14, 2013
Vulnerability Reserved
Jun 7, 2013