Boletines de Vulnerabilidades

IBM Security Bulletin: In IBM InfoSphere Information Server, the Information Services Catalog interface is vulnerable to various web UI vulnerabilities (CVE-2013-3034, CVE-2013-4057, CVE-2013-4059, CV

Información sobre el sistema
   
Software afectado IBM

Descripción
The Information Services Catalog interface of the IBM InfoSphere Information Server web console is exposed to various well known web UI vulnerabilities: phishing through frames, cacheable SSL pages, link injection, cross-site request forgery and cross-site scripting. CVE(s): CVE-2013-3034, CVE-2013-4057, CVE-2013-4059 and CVE-2012-4819 Affected product(s) and affected version(s): IBM InfoSphere Information Server versions 8.0, 8.1, 8.5, 8.7, and 9.1 running on all platforms Refer to the

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_in_ibm_infosphere_information_server_the_information_services_catalog_interface_is_vulnerable_to_various_web_ui_vulnerabilities_cve_2013_3034_cve_2013_4057_cve_2013_4059_cve_

Identificadores estándar
Propiedad Valor
CVE

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-06-13

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT