CVE-2013-0452 Information

Description

Cross-site request forgery (CSRF) vulnerability in the Software Use Analysis (SUA) application before 1.3.3 in IBM Tivoli Endpoint Manager 8.2 allows remote attackers to hijack the authentication of arbitrary users via a web site that contains crafted Flash Action Message Format (AMF) messages.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1IV38145 http://www-01.ibm.com/support/docview.wss?uid=swg21631350 https://exchange.xforce.ibmcloud.com/vulnerabilities/80968