CVE-2013-0452
published 2013-03-29CVE-2013-0452: Cross-site request forgery (CSRF) vulnerability in the Software Use Analysis (SUA) application before 1.3.3 in IBM Tivoli Endpoint Manager 8.2 allows remote…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
Cross-site request forgery (CSRF) vulnerability in the Software Use Analysis (SUA) application before 1.3.3 in IBM Tivoli Endpoint Manager 8.2 allows remote attackers to hijack the authentication of arbitrary users via a web site that contains crafted Flash Action Message Format (AMF) messages.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | software_use_analysis | <= 1.3.2 | — |
| ibm | tivoli_endpoint_manager | — | — |