CSRF in Ibm Infosphere_information_server

CVE-2013-4057

Cross-site request forgery (CSRF) vulnerability in the XML Pack in IBM InfoSphere Information Server 8.5.x through 8.5 FP3, 8.7.x through 8.7 FP2, and 9.1.x through 9.1.2.0 allows remote attackers to hijack the authentication of arbitrary…

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.002 (43.7th percentile) — read the EPSS interpretation.

Affected products

Ibm Infosphere_information_server — versions 8.5, 8.5.0.1, 8.5.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

JR49200 (vendor-advisory, x_refsource_AIXAPAR)
66154 (vdb-entry, x_refsource_BID)
JR48815 (vendor-advisory, x_refsource_AIXAPAR)
JR49206 (vendor-advisory, x_refsource_AIXAPAR)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
ibm-infosphere-cve20134057-csrf(86546) (vdb-entry, x_refsource_XF)