CVE-2014-6077

Currently unrated

Key Information:

Vendor
IBM
Status
Security Access Manager For Web
Vendor
CVE Published:
18 December 2014

Summary

Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21684475
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358
vendor-advisoryx_refsource_AIXAPAR
https://exchange.xforce.ibmcloud.com/vulnerabilities/95730
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.