Unrated severityNVD Advisory· Published Apr 24, 2013· Updated Jun 16, 2026
CVE-2013-1088
CVE-2013-1088
Description
Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:a:novell:imanager:2.7:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:novell:imanager:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7.3:ftf2:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7.3:ftf4:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7.3:sp3:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7.4:*:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7:refresh6:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7:sp4:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7:sp4_patch1:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7:sp4_patch2:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7:sp4_patch3:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7:sp4_patch4:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:2.7:sp5:*:*:*:*:*:*
- cpe:2.3:a:novell:imanager:*:sp6:*:*:*:*:*:*range: <=2.7
- (no CPE)range: < 2.7 SP6 Patch 1
Patches
Vulnerability mechanics
References
2- www.novell.com/support/kb/doc.phpnvdVendor Advisory
- bugzilla.novell.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.