virus logo Intrusion Prevention

IBM.OmniFind.Security.Do.CSRF

description-logoDescription

This indicates an attempt to exploit a Cross Site Request Forgery (CSRF) vulnerability in the administrator interface of IBM OmniFind Enterprise Edition.
The vulnerability is due to input validation errors in the "security.do" script. It can be exploited by attackers to cause malicious script code to be executed by a user's browser.

affected-products-logoAffected Products

IBM OmniFind Enterprise Edition before 9.1

Impact logoImpact

System Compromise: Remote script execution.

recomended-action-logoRecommended Actions

Contact your vendor for upgrade or patch information.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-01-11 16.995
ID 26018
Created Jun 08, 2011
Updated Nov 03, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2010-3891
Exploit Prediction Score 0.5%
Default Action drop
Active
Affected OS All
Affected App IBM