PT-2013-4797 · Ibm · Infosphere Optim Configuration Manager+3
Publicado
2013-09-25
·
Atualizado
2017-08-29
·
CVE-2013-4022
CVSS v2.0
3.5
Baixa
| Vetor | AV:N/AC:M/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Data Studio Web Console versions 3.x before 3.2
Optim Performance Manager versions 5.x before 5.2
InfoSphere Optim Configuration Manager versions 2.x before 2.2
DB2 Recovery Expert versions 2.x
Description
The issue allows remote authenticated users to bypass intended access restrictions. This is due to unspecified authentication information being stored in a cookie.
Recommendations
For IBM Data Studio Web Console versions 3.x before 3.2, update to version 3.2 or later.
For Optim Performance Manager versions 5.x before 5.2, update to version 5.2 or later.
For InfoSphere Optim Configuration Manager versions 2.x before 2.2, update to version 2.2 or later.
For DB2 Recovery Expert versions 2.x, update to a version that does not store unspecified authentication information in a cookie.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Db2 Recovery Expert
Ibm Data Studio Web Console
Infosphere Optim Configuration Manager
Optim Performance Manager