CVE-2013-0532

Published: Mar 29, 2013Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that cause a denial of service via malformed HTTP data.

Affected (22)

Products: Ibm: Security Appscan, Rational Policy Tester

Ibm

2 products

Security Appscan

Rational Policy Tester

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Ibm Security Appscan	Version 5.6.0.0
Ibm Security Appscan	Version 8.0.0.0
Ibm Security Appscan	Version 8.0.0.1
Ibm Security Appscan	Version 8.0.0.2
Ibm Security Appscan	Version 8.0.1.0
Ibm Security Appscan	Version 8.0.1.1
Ibm Security Appscan	Version 8.0.11
Ibm Security Appscan	Version 8.5.0.0
Ibm Security Appscan	Version 8.5.0.1
Ibm Security Appscan	Version 8.6.0.0
Ibm Security Appscan	Version 8.6.0.1
Ibm Security Appscan	Version 8.6.0.2

Configuration B

10 vulnerable

Vulnerable Software	Affected Versions
Ibm Rational Policy Tester	Version 5.6.0.0
Ibm Rational Policy Tester	Version 8.0.0.0
Ibm Rational Policy Tester	Version 8.0.0.1
Ibm Rational Policy Tester	Version 8.0.0.2
Ibm Rational Policy Tester	Version 8.0.1.0
Ibm Rational Policy Tester	Version 8.0.1.1
Ibm Rational Policy Tester	Version 8.5.0.0
Ibm Rational Policy Tester	Version 8.5.0.1
Ibm Rational Policy Tester	Version 8.5.0.2
Ibm Rational Policy Tester	Version 8.5.0.3