CSRF in Ibm Security_identity_manager
CVE-2014-0961
Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity Manager (ITIM) 5.0 before 5.0.0.15 and 5.1 before 5.1.0.15 and IBM Security Identity Manager (ISIM) 6.0 before 6.0.0.2 allows remote authenticated users to hijack the a…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.005 (40.6th percentile) — read the EPSS interpretation.
Affected products
- Ibm Security_identity_manager — versions 6.0.0, 6.0.0.1
- Ibm Tivoli_identity_manager — versions 5.0.0, 5.0.0.6, 5.0.0.10
- N/a — versions n/a
Weakness classification (CWE)
References
- psirt@us.ibm.com (vdb-entry, x_refsource_XF)
- psirt@us.ibm.com (x_refsource_SECUNIA, third-party-advisory)
- psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
- psirt@us.ibm.com (vdb-entry, x_refsource_BID)