Cross-Site Request Forgery Vulnerability in IBM Operational Decision Manager
CVE-2014-0944

Currently unrated

Key Information:

Vendor: IBM
Status: Operational Decision Manager
Vendor: CVE Published:; 9 May 2014

Summary

A cross-site request forgery (CSRF) vulnerability exists in the RES Console of IBM Operational Decision Manager, allowing remote authenticated users to hijack the authentication of other users. This enables malicious actors to execute unauthorized actions by manipulating requests that may include cross-site scripting (XSS) sequences. Versions prior to specific fixes are at risk, requiring users to update to maintain secure environments.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/92559

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21671324

x_refsource_CONFIRM

Timeline

Vulnerability published
May 9, 2014
Vulnerability Reserved
Jan 6, 2014