CVE-2012-0730: CSRF
First published: Thu May 03 2012(Updated: )
Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allow remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Rational AppScan | =5.2 | |
| IBM Rational AppScan | =5.4 | |
| IBM Rational AppScan | =5.5.0 | |
| IBM Rational AppScan | =5.5.0.1 | |
| IBM Rational AppScan | =5.5.0.2 | |
| IBM Rational AppScan | =5.6.0 | |
| IBM Rational AppScan | =5.6.0.3 | |
| IBM Rational AppScan | =8.0.0 | |
| IBM Rational AppScan | =8.0.0.1 | |
| IBM Rational AppScan | =8.0.0.2 | |
| IBM Rational AppScan | =8.0.0.3 | |
| IBM Rational AppScan | =8.0.1 | |
| IBM Rational AppScan | =8.0.1.1 | |
| IBM Rational AppScan | =8.5.0 | |
| IBM Rational AppScan | =8.5.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm rational appscan
- version/ibm rational appscan/5.2
- version/ibm rational appscan/5.4
- version/ibm rational appscan/5.5.0
- version/ibm rational appscan/5.5.0.1
- version/ibm rational appscan/5.5.0.2
- version/ibm rational appscan/5.6.0
- version/ibm rational appscan/5.6.0.3
- version/ibm rational appscan/8.0.0
- version/ibm rational appscan/8.0.0.1
- version/ibm rational appscan/8.0.0.2
- version/ibm rational appscan/8.0.0.3
- version/ibm rational appscan/8.0.1
- version/ibm rational appscan/8.0.1.1
- version/ibm rational appscan/8.5.0
- version/ibm rational appscan/8.5.0.0