CVE-2014-3024

Currently unrated

Key Information:

Vendor: IBM
Status: Smartcloud Control Desk
Vendor: CVE Published:; 29 August 2014

Summary

Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 through 7.5.0.6 and Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk allows remote authenticated users to hijack the authentication of arbitrary users.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/93063

vdb-entryx_refsource_XF

http://www.securitytracker.com/id/1030781

vdb-entryx_refsource_SECTRACK

http://www-01.ibm.com/support/docview.wss?uid=swg21679918

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 29, 2014
Vulnerability Reserved
Apr 29, 2014