Cross-Site Request Forgery Vulnerabilities in IBM WebSphere Service Registry and Repository
CVE-2014-6187

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Service Registry And Repository
Vendor: CVE Published:; 24 December 2014

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities exist in IBM WebSphere Service Registry and Repository (WSRR) across various versions, allowing remote authenticated users to potentially hijack the authentication of unintended victims through unspecified vectors. These vulnerabilities highlight the importance of secure coding practices to mitigate risks of authentication hijacking in enterprise applications.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/98553

vdb-entryx_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg21693384

x_refsource_CONFIRM

http://www.securityfocus.com/bid/71906

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Dec 24, 2014
Vulnerability Reserved
Sep 2, 2014