IBM Sterling Order Management is vulnerable to exposure of the session identifier on an error page
CVE(s): CVE-2016-5953
Affected product(s) and affected version(s):
IBM Sterling Selling and Fulfillment Foundation 9.1.0
IBM Sterling Selling and Fulfillment Foundation 9.2.0
IBM Sterling Selling and Fulfillment Foundation 9.2.1
IBM Sterling Selling and Fulfillment Foundation 9.3
IBM Sterling Selling and Fulfillment Foundation 9.4
IBM Sterling Selling and Fulfillment Foundation 9.5
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2hBv6iH
X-Force Database: http://ift.tt/2jI44Y5
from IBM Product Security Incident Response Team http://ift.tt/2iL921U