CVE-2012-3309
IBM InfoSphere Guardium < 8.2 - Cross-Site Request Forgery in Account Creation Panel
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and earlier, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21609223
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/77745
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027455
Various Sources x_refsource_misc
http://en.securitylab.ru/lab/PT-2012-15
Various Sources x_refsource_misc
http://en.securitylab.ru/lab/
Scores
EPSS
0.0064
EPSS Percentile
46.5%
Details
CWE
CWE-352
Status
published
Products (3)
ibm/infosphere_guardium
8.00
ibm/infosphere_guardium
8.01
ibm/infosphere_guardium
< 8.2
Published
Aug 29, 2012
Tracked Since
Feb 18, 2026