PT-2011-1253 · IBM · IBM Rational Asset Manager

Published: 2011-11-05 · Updated: 2022-10-28 · CVE-2011-4820

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

IBM Rational Asset Manager version 7.5

Description

The issue is related to insufficient access control in the processing of the UID parameter, allowing a remote attacker to bypass security restrictions. This could enable an attacker to modify another user's preferences.

Recommendations

For IBM Rational Asset Manager version 7.5, consider restricting access to the UID parameter to prevent unauthorized modifications until a fix is available. As a temporary workaround, limit the ability to modify user preferences to authorized personnel only.

Fix

Improper Privilege Management

Weakness Enumeration

Related Identifiers

BDU:2023-00176
CVE-2011-4820

Affected Products

IBM Rational Asset Manager