PT-2014-5028 · Ibm · Ibm Maximo Asset Management
Publicado
2014-08-29
·
Atualizado
2017-08-29
·
CVE-2014-3024
CVSS v2.0
6.0
Média
| Vetor | AV:N/AC:M/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
IBM Maximo Asset Management versions 7.1 through 7.1.1.12
IBM Maximo Asset Management versions 7.5 through 7.5.0.6
IBM Maximo Asset Management versions 7.5.0 through 7.5.0.3
IBM Maximo Asset Management versions 7.5.1 through 7.5.1.2
Description
A cross-site request forgery (CSRF) issue allows remote authenticated users to hijack the authentication of arbitrary users.
Recommendations
For IBM Maximo Asset Management versions 7.1 through 7.1.1.12, update to a version outside of this range to resolve the issue.
For IBM Maximo Asset Management versions 7.5 through 7.5.0.6, update to a version outside of this range to resolve the issue.
For IBM Maximo Asset Management versions 7.5.0 through 7.5.0.3, update to a version outside of this range to resolve the issue.
For IBM Maximo Asset Management versions 7.5.1 through 7.5.1.2, update to a version outside of this range to resolve the issue.
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Maximo Asset Management