CVE-2012-2959

BMC Identity Management Suite 7.5.00.103 - CSRF

Title source: llm

Description

Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Travis Lee · htmlwebappsjava
https://www.exploit-db.com/exploits/37372

References (1)

Scores

EPSS 0.0031
EPSS Percentile 54.4%

Details

CWE
CWE-352
Status published
Products (1)
bmc/identity_management_suite 7.5.00.103
Published Jun 11, 2012
Tracked Since Feb 18, 2026