CVE-2013-4061
IBM Rational Policy Tester 8.5 - Authenticated Authorization Bypass for Authentication Host Changes
IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks involving an HTTP redirect via unspecified vectors.
References (2)
Core References
Various Sources (x_refsource_confirm): http://www-01.ibm.com/support/docview.wss?uid=swg21648481
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/86585
Scores
EPSS: 0.0088
EPSS Percentile: 54.6%
Details
CWE: CWE-287
Status: published
Products (5)
ibm/rational_policy_tester 8.5.0.0
ibm/rational_policy_tester 8.5.0.1
ibm/rational_policy_tester 8.5.0.2
ibm/rational_policy_tester 8.5.0.3
ibm/rational_policy_tester 8.5.0.4
Published: Sep 09, 2013
Tracked Since: Feb 18, 2026