CVE-2012-5950

Name of the Vulnerable Software and Affected Versions IBM TRIRIGA Application Platform versions 2.x through 3.x before 3.3 IBM TRIRIGA Application Platform version 8

Description The issue allows remote attackers to hijack the authentication of arbitrary users for requests that modify data records. This is achieved via vectors involving the html/en/default/ directory or the sqa/html/en/default/process/comm/saveProps.jsp endpoint.

Recommendations For IBM TRIRIGA Application Platform versions 2.x through 3.x before 3.3, update to version 3.3 or later. For IBM TRIRIGA Application Platform version 8, at the moment, there is no information about a newer version that contains a fix for this issue.