1. Home
  2. CVE Database
  3. CVE-2012-0714
MEDIUM · 6.8

CVE-2012-0714

Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maxi...

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
IbmChange And Configuration Management Database6.0
IbmMaximo Asset Management6.2.0.0
IbmMaximo Service Desk6.2
IbmSmartcloud Control Desk7.0
IbmTivoli Asset Management For It6.0
IbmTivoli Service Request Manager7.0

Related Weaknesses (CWE)

CWE-352

References

FAQ

What is CVE-2012-0714?

CVE-2012-0714 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maxi...

How severe is CVE-2012-0714?

CVE-2012-0714 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-0714?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Change And Configuration Management Database, Ibm Maximo Asset Management, Ibm Maximo Service Desk, Ibm Smartcloud Control Desk, Ibm Tivoli Asset Management For It.