CVE-2014-0961

Name of the Vulnerable Software and Affected Versions IBM Tivoli Identity Manager versions 5.0 through 5.0.0.15 IBM Tivoli Identity Manager versions 5.1 through 5.1.0.15 IBM Security Identity Manager versions 6.0 through 6.0.0.2

Description A cross-site request forgery (CSRF) issue allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Recommendations For IBM Tivoli Identity Manager versions 5.0 through 5.0.0.15, update to version 5.0.0.15 or later. For IBM Tivoli Identity Manager versions 5.1 through 5.1.0.15, update to version 5.1.0.15 or later. For IBM Security Identity Manager versions 6.0 through 6.0.0.2, update to version 6.0.0.2 or later.