Security Bulletin: Cross-Site Request Forgery in IBM InfoSphere Master Data Management - Collaborative Edition (CVE-2013-5427)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
Due to insufficient safeguards against cross-site request forgery, an attacker can trick a legitimate user into opening a URL that results in an action being taken as that user, potentially without the knowledge of that user. Any actions taken require that the legitimate user be already authenticated or to authenticate separately as part of the attack. CVE(s): CVE-2013-5427 Affected product(s) and affected version(s): - IBM InfoSphere Master Data Management - Collaborative Edition Versions
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_cross_site_request_forgery_in_ibm_infosphere_master_data_management_collaborative_edition_cve_2013_5427?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2013-5427 ,CVE-2013-6727 ,CVE-2013-5371 and CVE-2013-1500. |