First published: Tue Mar 13 2012(Updated: )
Cross-site request forgery (CSRF) vulnerability in the Labor Reporting page in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allows remote attackers to hijack the authentication of arbitrary users.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Maximo Asset Management | =7.5 | |
IBM Maximo Asset Management | =7.1 | |
IBM Maximo Asset Management | =6.2 | |
Ibm Maximo Asset Management Essentials | =6.2 | |
Ibm Maximo Asset Management Essentials | =7.5 | |
Ibm Maximo Asset Management Essentials | =7.1 | |
IBM Tivoli Asset Management for IT | =7.2 | |
IBM Tivoli Asset Management for IT | =7.1 | |
IBM Tivoli Asset Management for IT | =6.2 | |
Ibm Trivoli Service Request Manager | =7.1 | |
Ibm Trivoli Service Request Manager | =7.2 | |
IBM Maximo Service Desk | =6.2 | |
IBM Tivoli Change and Configuration Management Database | =7.1 | |
IBM Tivoli Change and Configuration Management Database | =7.2 | |
IBM Tivoli Change and Configuration Management Database | =6.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.