RETIRED: IBM InfoSphere BigInsights Multiple Security Vulnerabilities

IBM InfoSphere BigInsights is prone to a spoofing vulnerability, a cross-site scripting vulnerability, and a cross-site request-forgery vulnerability.

An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, perform unauthorized actions, and disclose or modify sensitive information, conduct spoofing attacks, and gain access to sensitive information. Other attacks may also be possible.

This BID is being retired. The following individual records exist to better document the issues:

61842 IBM InfoSphere BigInsights CVE-2013-3992 Cross Site Request Forgery Vulnerability
61845 IBM InfoSphere BigInsights CVE-2013-3995 Cross Site Scripting Vulnerability
61846 IBM InfoSphere BigInsights CVE-2013-3996 Unspecified Spoofing Vulnerability


Privacy Statement
Copyright 2010, SecurityFocus