CSRF in Ibm Rational_clearquest
CVE-2013-0598
Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to hijack the authentication of arbitrary users.
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.001 (30.4th percentile) — read the EPSS interpretation.
Affected products
- Ibm Rational_clearquest — versions 7.1.1.1, 7.1.1.2, 7.1.1.3
- N/a — versions n/a
Weakness classification (CWE)
References
- PM88185 (vendor-advisory, x_refsource_AIXAPAR)
- clearquest-cve20130598-csrf(83611) (vdb-entry, x_refsource_XF)
- psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)