CVE-2014-3024 Information

Description

Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 through 7.5.0.6 and Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk allows remote authenticated users to hijack the authentication of arbitrary users.

Reference

http://secunia.com/advisories/60408 http://www.securitytracker.com/id/1030781 http://www-01.ibm.com/support/docview.wss?uid=swg1IV56643 http://www-01.ibm.com/support/docview.wss?uid=swg21679918 https://exchange.xforce.ibmcloud.com/vulnerabilities/93063