PT-2013-4797 · Ibm · Infosphere Optim Configuration Manager+3
Published
2013-09-25
·
Updated
2017-08-29
·
CVE-2013-4022
CVSS v2.0
3.5
Low
| Vector | AV:N/AC:M/Au:S/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Data Studio Web Console versions 3.x before 3.2
Optim Performance Manager versions 5.x before 5.2
InfoSphere Optim Configuration Manager versions 2.x before 2.2
DB2 Recovery Expert versions 2.x
Description
The issue allows remote authenticated users to bypass intended access restrictions. This is due to unspecified authentication information being stored in a cookie.
Recommendations
For IBM Data Studio Web Console versions 3.x before 3.2, update to version 3.2 or later.
For Optim Performance Manager versions 5.x before 5.2, update to version 5.2 or later.
For InfoSphere Optim Configuration Manager versions 2.x before 2.2, update to version 2.2 or later.
For DB2 Recovery Expert versions 2.x, update to a version that does not store unspecified authentication information in a cookie.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Db2 Recovery Expert
Ibm Data Studio Web Console
Infosphere Optim Configuration Manager
Optim Performance Manager