VYPR
← All advisories
Unrated severityNVD Advisory· Published Nov 14, 2012· Updated Apr 29, 2026

CVE-2012-4853

CVE-2012-4853

Description

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Application Server 6.1 before 6.1.0.45, 7.0 before 7.0.0.25, 8.0 before 8.0.0.5, and 8.5 before 8.5.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger information disclosure.

Affected products

56
  • IBM/Websphere Application Server56 versions
    cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*+ 55 more
    • cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.25:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.27:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.29:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.31:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.33:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.35:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.37:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.39:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.41:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.43:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.14:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:6.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.17:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.19:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.21:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.23:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.