CVE-2026-44925
Analyzed - Analysis Complete
Cross-Site Request Forgery in InfoScale VIOM

Publication date: 2026-05-20

Last updated on: 2026-05-21

Assigner: MITRE

Description
Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on the VIOM web application without the user's knowledge.
Meta Information
Published: 2026-05-20
Last Modified: 2026-05-21
Generated: 2026-06-10
AI Q&A: 2026-05-20
EPSS Evaluated: 2026-06-08
Affected Vendors & Products
Showing 1 associated CPE
Vendor: veritas
Product: infoscale_operations_manager
Version / Range: to 9.1.3 (exc)
CWE ID: CWE-352
Description: The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Compliance Impact

CVE-2026-44925 describes a Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM) that allows attackers to cause unintended modifications without the user's knowledge. Such unauthorized modifications and potential data integrity breaches could negatively impact compliance with standards like GDPR and HIPAA, which require strict controls over data access, integrity, and user consent.

However, the provided context and resources do not explicitly discuss the impact of this vulnerability on compliance with GDPR, HIPAA, or other regulations.

Detection Guidance

The provided information does not include specific detection methods or commands to identify the Cross-Site Request Forgery (CSRF) vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM).

Executive Summary

This vulnerability is a Cross-Site Request Forgery (CSRF) issue in InfoScale version 9.1.3 Operations Manager (VIOM). It allows an attacker to trick a user who has an active session into clicking a malicious HTML link. This action causes the VIOM web application to perform unintended modifications without the user's knowledge.

Impact Analysis

The impact of this vulnerability is that an attacker can cause unauthorized changes within the VIOM web application by exploiting a user's active session. This can lead to unintended modifications being made without the user's consent or awareness, potentially compromising the integrity of the system managed by VIOM.

Mitigation Strategies

The provided resources do not specify immediate mitigation steps for the CSRF vulnerability in InfoScale v.9.1.3 Operations Manager (VIOM). However, general best practices for mitigating CSRF vulnerabilities include applying available patches or hot fixes, enforcing user authentication mechanisms such as two-factor authentication, and reviewing user access controls.

Resource 1 mentions deploying hot fixes and patches and configuring two-factor authentication, which may help mitigate security issues in InfoScale Operations Manager.
