SymmetricalDataSecurity: IBM Security Bulletin: Cross-Site Request Forgery (CSRF) vulnerability identified with Jazz for Service Management (JazzSM) v1.1.3 (CVE-2017-1746)

Tuesday, December 19, 2017

IBM Security Bulletin: Cross-Site Request Forgery (CSRF) vulnerability identified with Jazz for Service Management (JazzSM) v1.1.3 (CVE-2017-1746)

IBM Jazz for Service Management is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

CVE(s): CVE-2017-1746

Affected product(s) and affected version(s):

Jazz for Service Management version 1.1.3

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2oLNvxD
X-Force Database: http://ift.tt/2D29T98

The post IBM Security Bulletin: Cross-Site Request Forgery (CSRF) vulnerability identified with Jazz for Service Management (JazzSM) v1.1.3 (CVE-2017-1746) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2oMPUZ7

SymmetricalDataSecurity

Tuesday, December 19, 2017

IBM Security Bulletin: Cross-Site Request Forgery (CSRF) vulnerability identified with Jazz for Service Management (JazzSM) v1.1.3 (CVE-2017-1746)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews