CVE-2016-3004

Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that modify the set of available applications.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:connections:4.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:connections:4.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:connections:5.0.0.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-11-30 11:59

Updated : 2024-02-28 15:44


NVD link : CVE-2016-3004

Mitre link : CVE-2016-3004

CVE.ORG link : CVE-2016-3004


JSON object : View

Products Affected

ibm

  • connections
CWE
CWE-352

Cross-Site Request Forgery (CSRF)