Authorization Bypass in IBM Rational Policy Tester Affects Remote User Access
CVE-2013-4061

Currently unrated

Key Information:

Vendor

IBM
Status
Rational Policy Tester
Vendor
CVE Published:
9 September 2013

What is CVE-2013-4061?

IBM Rational Policy Tester 8.5 prior to version 8.5.0.5 contains a vulnerability that fails to adequately verify user authorization when changes are made to the set of authentication hosts. This oversight permits remote authenticated users to carry out spoofing attacks, potentially redirecting HTTP requests through unspecified vectors and compromising security measures.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21648481
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/86585
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.