Cross-Site Request Forgery Vulnerability in IBM Lotus Protector for Mail Security
CVE-2014-0885

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Protector For Mail Security
Vendor: CVE Published:; 25 March 2014

Summary

A CSRF vulnerability exists in the Admin Web UI of IBM Lotus Protector for Mail Security versions 2.8.x prior to 2.8.1-22905. This security flaw permits remote authenticated users to exploit the authentication process, potentially leading to unauthorized actions being performed on behalf of victims without their consent. Remediation strategies should be implemented to mitigate the risk associated with this vulnerability.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21668124

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/91171

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 25, 2014
Vulnerability Reserved
Jan 6, 2014