CVE-2012-0748

high

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified services in IBM Rational Team Concert (RTC) 4.x before 4.0.0.1 allow remote attackers to hijack the authentication of arbitrary users for requests that modify work items.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/74736

http://www.securityfocus.com/bid/55730

http://www-01.ibm.com/support/docview.wss?uid=swg21612356

http://secunia.com/advisories/50789

Details

Source: Mitre, NVD

Published: 2012-10-01

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00126