CVE-2014-3024
Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 through 7.5.0.6 and Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk allows remote authenticated users to hijack the authentication of arbitrary users.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0015 (0.2%)
Percentile: 35.4%
EPSS: 2026-05-06
Affects
ibm:smartcloud_control_deskibm:maximo_asset_managementTechnical description
Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 through 7.5.0.6 and Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk allows remote authenticated users to hijack the authentication of arbitrary users.
Published: 8/29/2014, 9:55:07 AM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://secunia.com/advisories/60408
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV56643
- http://www-01.ibm.com/support/docview.wss?uid=swg21679918
- http://www.securitytracker.com/id/1030781
- https://exchange.xforce.ibmcloud.com/vulnerabilities/93063
- http://secunia.com/advisories/60408
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV56643
- http://www-01.ibm.com/support/docview.wss?uid=swg21679918