Unrated severityNVD Advisory· Published Dec 29, 2014· Updated Jun 17, 2026
CVE-2014-6168
CVE-2014-6168
Description
Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1 before 5.1.0.15 IF0056 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:ibm:security_identity_manager:5.1.0:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:ibm:security_identity_manager:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_identity_manager:5.1.0.9:*:*:*:*:*:*:*
- (no CPE)range: <=5.1.0.15 IF0056 before
Patches
Vulnerability mechanics
References
2- www-01.ibm.com/support/docview.wssnvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/97752nvd
News mentions
0No linked articles in our index yet.