CVE-2014-0961

Published: Jun 8, 2014Modified: May 6, 2026

6.0

Vector

AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability: 6.8 / Impact: 6.4

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity Manager (ITIM) 5.0 before 5.0.0.15 and 5.1 before 5.1.0.15 and IBM Security Identity Manager (ISIM) 6.0 before 6.0.0.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Affected (22)

Products: Ibm: Security Identity Manager, Tivoli Identity Manager

Ibm

2 products

Security Identity Manager

Tivoli Identity Manager

Configuration A

22 vulnerable

Vulnerable Software	Affected Versions
Ibm Security Identity Manager	Version 6.0.0.1
Ibm Security Identity Manager	Version 6.0.0
Ibm Tivoli Identity Manager	Version 5.0.0.10
Ibm Tivoli Identity Manager	Version 5.0.0.11
Ibm Tivoli Identity Manager	Version 5.0.0.12
Ibm Tivoli Identity Manager	Version 5.0.0.13
Ibm Tivoli Identity Manager	Version 5.0.0.14
Ibm Tivoli Identity Manager	Version 5.0.0.6
Ibm Tivoli Identity Manager	Version 5.0.0
Ibm Tivoli Identity Manager	Version 5.1.0.10
Ibm Tivoli Identity Manager	Version 5.1.0.11
Ibm Tivoli Identity Manager	Version 5.1.0.12
Ibm Tivoli Identity Manager	Version 5.1.0.13
Ibm Tivoli Identity Manager	Version 5.1.0.14
Ibm Tivoli Identity Manager	Version 5.1.0.3
Ibm Tivoli Identity Manager	Version 5.1.0.4
Ibm Tivoli Identity Manager	Version 5.1.0.5
Ibm Tivoli Identity Manager	Version 5.1.0.6
Ibm Tivoli Identity Manager	Version 5.1.0.7
Ibm Tivoli Identity Manager	Version 5.1.0.8
Ibm Tivoli Identity Manager	Version 5.1.0.9
Ibm Tivoli Identity Manager	Version 5.1.0