PT-2013-2439 · Ibm · Ibm Data Growth Solution For Oracle E-Business Suite+1

Published

2013-10-10

Updated

2017-08-29

CVE-2013-0580

CVSS v2.0

4.9

Medium

Vector

AV:A/AC:M/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions IBM Data Growth Solution for Oracle E-business Suite versions 6.0 through 9.1

Description A cross-site request forgery (CSRF) issue exists, allowing remote authenticated users to hijack the authentication of arbitrary users. This occurs in the Optim E-Business Console.

Recommendations For versions 6.0 through 9.1, update to a version that includes a fix for this issue to prevent CSRF attacks. As a temporary workaround, consider implementing additional authentication checks to minimize the risk of exploitation.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2013-0580

Affected Products

Ibm Data Growth Solution For Oracle E-Business Suite

Optim E-Business Console

PT-2013-2439 · Ibm · Ibm Data Growth Solution For Oracle E-Business Suite+1

CVE-2013-0580

Weakness Enumeration

Related Identifiers

Affected Products

References · 3