CVE-2013-4061

IBM Rational Policy Tester - Authentication Bypass

Title source: rule

Description

IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks involving an HTTP redirect via unspecified vectors.

References (2)

Scores

EPSS 0.0014
EPSS Percentile 34.4%

Classification

CWE
CWE-287
Status draft

Affected Products (5)

ibm/rational_policy_tester
ibm/rational_policy_tester
ibm/rational_policy_tester
ibm/rational_policy_tester
ibm/rational_policy_tester

Timeline

Published Sep 09, 2013
Tracked Since Feb 18, 2026