PT-2014-7081 · Ibm · Ibm Security Identity Manager

Published

2014-12-29

·

Updated

2017-09-08

·

CVE-2014-6168

CVSS v2.0

6.0

Medium

VectorAV:N/AC:M/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions IBM Security Identity Manager version 5.1 before 5.1.0.15 IF0056
Description A cross-site request forgery (CSRF) issue allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Recommendations For IBM Security Identity Manager version 5.1 before 5.1.0.15 IF0056, update to version 5.1.0.15 IF0056 or later to resolve the issue.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2014-6168

Affected Products

Ibm Security Identity Manager