CVE-2013-4061

CWE-287Improper Authentication3 documents3 sources
Severity
4.0MEDIUM
EPSS
0.1%
top 65.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Rational Policy Tester
Timeline
PublishedSep 9
Latest updateMay 17

Description

IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks involving an HTTP redirect via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/rational_policy_tester5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-wgmr-5vfc-h3gx: IBM Rational Policy Tester 82022-05-17
CVEList
CVE-2013-4061: IBM Rational Policy Tester 82013-09-09
CVE-2013-4061 (MEDIUM CVSS 4) | IBM Rational Policy Tester 8.5 befo | cvebase.io