IBM : Security Vulnerabilities, CVEs, Published In 2012 (Information Leak) CVSS score >= 6
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger information disclosure.
Max CVSS
6.8
EPSS Score
0.13%
Published
2012-11-14
Updated
2017-08-29
IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not prevent service-account impersonation, which allows remote authenticated users to read arbitrary files via unspecified vectors.
Max CVSS
6.8
EPSS Score
0.23%
Published
2012-05-03
Updated
2017-08-29
2 vulnerabilities found