Authentication Bypass in IBM Data Studio and Related Products
CVE-2013-4022

Currently unrated

Key Information:

Vendor: IBM
Status: Data Studio Web Console; Infosphere Optim Configuration Manager; Optim Performance Manager; Db2 Recovery Expert
Vendor: CVE Published:; 25 September 2013

Summary

Multiple IBM products, including Data Studio Web Console and Optim Performance Manager, contain a vulnerability where unspecified authentication information is improperly stored in a cookie. This flaw enables remote authenticated users to potentially bypass intended access restrictions. Such vulnerabilities can lead to unauthorized access to sensitive data, posing significant security risks to affected systems.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21650504

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/85928

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Sep 25, 2013
Vulnerability Reserved
Jun 7, 2013