SymmetricalDataSecurity: IBM Security Bulletin: IBM QRadar Incident Forensics is vulnerable to overly permissive CORS access policies (CVE-2016-9725)

Thursday, March 2, 2017

IBM Security Bulletin: IBM QRadar Incident Forensics is vulnerable to overly permissive CORS access policies (CVE-2016-9725)

IBM QRadar Incident Forensics is affected by Cross-Origin Resource Sharing (CORS) which is a mechanism that allows web sites to request resources from external sites, avoiding the need to duplicate them.

CVE(s): CVE-2016-9725

Affected product(s) and affected version(s):

• IBM QRadar SIEM 7.2.n

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2miHQfZ
X-Force Database: http://ift.tt/2mPqbJD

The post IBM Security Bulletin: IBM QRadar Incident Forensics is vulnerable to overly permissive CORS access policies (CVE-2016-9725) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2miK2Ej

SymmetricalDataSecurity

Thursday, March 2, 2017

IBM Security Bulletin: IBM QRadar Incident Forensics is vulnerable to overly permissive CORS access policies (CVE-2016-9725)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews