PT-2014-2927 · IBM · IBM Cognos Express

Published: 2014-03-25 · Updated: 2017-08-29 · CVE-2013-5443

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

IBM Cognos Express versions 9.0 before IFIX 2

IBM Cognos Express versions 9.5 before IFIX 2

IBM Cognos Express versions 10.1 before IFIX 2

IBM Cognos Express versions 10.2.1 before FP1

Description

A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of arbitrary users.

Recommendations

For IBM Cognos Express version 9.0, apply IFIX 2 to resolve the issue.

For IBM Cognos Express version 9.5, apply IFIX 2 to resolve the issue.

For IBM Cognos Express version 10.1, apply IFIX 2 to resolve the issue.

For IBM Cognos Express version 10.2.1, apply FP1 to resolve the issue.

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2013-5443

Affected Products

IBM Cognos Express