cpe:/a:ibm:change_and_configuration_management_database:6.0 cpe:/a:ibm:change_and_configuration_management_database:7.0 cpe:/a:ibm:maximo_asset_management:6.2.0.0 cpe:/a:ibm:maximo_asset_management:7.1.0.0 cpe:/a:ibm:maximo_asset_management:7.5.0.0 cpe:/a:ibm:maximo_service_desk:6.2 cpe:/a:ibm:smartcloud_control_desk:7.0 cpe:/a:ibm:tivoli_asset_management_for_it:6.0 cpe:/a:ibm:tivoli_asset_management_for_it:6.2 cpe:/a:ibm:tivoli_asset_management_for_it:7.0 cpe:/a:ibm:tivoli_asset_management_for_it:7.1 cpe:/a:ibm:tivoli_asset_management_for_it:7.2 cpe:/a:ibm:tivoli_service_request_manager:7.0 CVE-2012-0714 2012-09-10T13:55:00.977-04:00 2017-08-28T21:31:00.977-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2012-09-11T09:13:00.000-04:00 SECUNIA 50551 OSVDB 85179 AIXAPAR IV16085 AIXAPAR IV16497 CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21610081 XF ibm-maximo-csrf(73534) Cross-site request forgery (CSRF) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.