IBM : Security Vulnerabilities, CVEs, (CSRF) CVSS score >= 7
IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 271843.
Max CVSS
8.8
EPSS Score
0.06%
Published
2024-01-19
Updated
2024-01-24
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-11-03
Updated
2023-11-09
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-12-01
Updated
2023-12-04
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 245400.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-08-28
Updated
2023-08-29
IBM Business Automation Workflow 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, and 22.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 238054.
Max CVSS
8.8
EPSS Score
0.06%
Published
2023-01-04
Updated
2023-01-10
IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237210.
Max CVSS
8.8
EPSS Score
0.06%
Published
2022-12-12
Updated
2022-12-14
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230824.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-11-22
Updated
2023-11-29
IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230814.
Max CVSS
8.8
EPSS Score
0.07%
Published
2022-07-26
Updated
2022-08-02
IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230812.
Max CVSS
8.8
EPSS Score
0.07%
Published
2022-07-25
Updated
2022-07-29
IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 229331.
Max CVSS
8.8
EPSS Score
0.14%
Published
2022-08-01
Updated
2022-08-05
IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 228357.
Max CVSS
8.8
EPSS Score
0.07%
Published
2022-08-26
Updated
2022-08-31
"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a "user that the website trusts. IBM X-Force ID: 227295.
Max CVSS
8.8
EPSS Score
0.06%
Published
2022-11-03
Updated
2022-11-04
IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. IBM X-Force ID: 226449.
Max CVSS
8.8
EPSS Score
0.07%
Published
2022-10-07
Updated
2022-10-09
IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 225887.
Max CVSS
8.8
EPSS Score
0.07%
Published
2022-06-10
Updated
2022-06-17
IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 220048.
Max CVSS
8.8
EPSS Score
0.07%
Published
2022-03-14
Updated
2022-03-22
IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 214210.
Max CVSS
8.8
EPSS Score
0.07%
Published
2022-02-02
Updated
2022-02-05
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 209399.
Max CVSS
8.8
EPSS Score
0.15%
Published
2022-04-22
Updated
2022-06-03
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 207123.
Max CVSS
8.8
EPSS Score
0.07%
Published
2021-11-02
Updated
2021-11-03
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204913.
Max CVSS
8.8
EPSS Score
0.07%
Published
2021-10-06
Updated
2021-10-14
IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202168.
Max CVSS
8.8
EPSS Score
0.07%
Published
2021-08-02
Updated
2021-08-06
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to cross-site request forgery (CSRF) in the My Inbox page which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 202167.
Max CVSS
8.8
EPSS Score
0.14%
Published
2021-12-03
Updated
2022-01-04
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 197790.
Max CVSS
8.8
EPSS Score
0.07%
Published
2021-10-07
Updated
2021-10-16
IBM Security Verify Information Queue 1.0.6 and 1.0.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
Max CVSS
8.8
EPSS Score
0.07%
Published
2021-02-11
Updated
2021-02-12
IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 191942.
Max CVSS
8.8
EPSS Score
0.07%
Published
2021-01-04
Updated
2021-01-06
IBM MQ Appliance 9.1 and 9.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 191815.
Max CVSS
8.8
EPSS Score
0.07%
Published
2021-07-12
Updated
2021-07-14