Cross-site request forgery (CSRF) vulnerability in the account-creation panel in IBM InfoSphere Guardium 8.2 and previous versions, when the CSRF filtering (aka csrf_status) feature is disabled, allows remote malicious users to hijack the authentication of administrators for requests that create administrative accounts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm infosphere guardium |
||
ibm infosphere guardium 8.01 |
||
ibm infosphere guardium 8.00 |