Atlas eDiscovery Process Management has addressed vulnerablility due to SQL injection, where a remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE(s): CVE-2017-1356
Affected product(s) and affected version(s):
Atlas eDiscovery Process Management 6.0.3 – 6.0.3.5
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2i3eKNX
X-Force Database: http://ift.tt/2jykvDW
The post IBM Security Bulletin: IBM Atlas eDiscovery Process Management vulnerable to SQL injection. appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2i3eNcB
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.