CVE-2014-0961

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Identity Manager; Security Identity Manager
Vendor: CVE Published:; 8 June 2014

Summary

Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity Manager (ITIM) 5.0 before 5.0.0.15 and 5.1 before 5.1.0.15 and IBM Security Identity Manager (ISIM) 6.0 before 6.0.0.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/92747

vdb-entryx_refsource_XF

http://secunia.com/advisories/59080

third-party-advisoryx_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg21674754

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 8, 2014
Vulnerability Reserved
Jan 6, 2014