CVE

Id
56552  
CVE No.
CVE-2012-3309  
Status
Candidate  
Description
Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and earlier, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.  
Phase
Assigned (20120607)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
585669 56552 CVE-2012-3309 MISC:http://en.securitylab.ru/lab/  View
585670 56552 CVE-2012-3309 MISC:http://en.securitylab.ru/lab/PT-2012-15  View
585671 56552 CVE-2012-3309 CONFIRM:http://www.ibm.com/support/docview.wss?uid=swg21609223  View
585672 56552 CVE-2012-3309 SECTRACK:1027455  View
585673 56552 CVE-2012-3309 URL:http://www.securitytracker.com/id?1027455  View
585674 56552 CVE-2012-3309 XF:infosphere-gaurdium-csrf(77745)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
29013 JVNDB-2012-004720 IBM Tivoli Federated Identity Manager 製品におけるセッションを確立される脆弱性 IBM Tivoli Federated Identity Manager (TFIM) および Tivoli Federated Identity Manager Business Gateway (TFIMBG) には、セッションを確立される脆弱性が存在します。 CVE-2012-3314 56552 5.8 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004720.html  View