IBM Security Bulletin: A vulnerability in IBM Jazz for Service Management affects IBM Performance Management products (CVE-2016-9975)
IBM Jazz for Service Management is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVE(s): CVE-2016-9975
Affected product(s) and affected version(s):
IBM Monitoring 8.1.2 and 8.1.3
IBM Application Diagnostics 8.1.2 and 8.1.3
IBM Application Performance Management 8.1.2 and 8.1.3
IBM Application Performance Management Advanced 8.1.2 and 8.1.3
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2m32Fff
X-Force Database: http://ift.tt/2kQux6T
The post IBM Security Bulletin: A vulnerability in IBM Jazz for Service Management affects IBM Performance Management products (CVE-2016-9975) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2mD7pVO