Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-0532

Опубликовано: 29 мар. 2013
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that cause a denial of service via malformed HTTP data.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:security_appscan:5.6.0.0:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.0.0.0:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.0.0.1:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.0.0.2:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.0.1.0:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.0.1.1:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.0.11:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.5.0.0:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.5.0.1:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.6.0.0:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.6.0.1:-:enterprise:*:*:*:*:*
cpe:2.3:a:ibm:security_appscan:8.6.0.2:-:enterprise:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:ibm:rational_policy_tester:5.6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_policy_tester:8.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_policy_tester:8.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_policy_tester:8.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_policy_tester:8.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_policy_tester:8.0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_policy_tester:8.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_policy_tester:8.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_policy_tester:8.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_policy_tester:8.5.0.3:*:*:*:*:*:*:*

EPSS

Процентиль: 35%
0.00142
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

github логотип

GHSA-gf4r-j8r8-2g8j

github
почти 4 года назад

Cross-site request forgery (CSRF) vulnerability in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that cause a denial of service via malformed HTTP data.

EPSS

Процентиль: 35%
0.00142
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352