IBM Fix available for Insecure Direct Object Reference in IBM Cúram Social Program Management (CVE-2018-1362)

IBM Cúram Social Program Management Universal Access is vulnerable to Insecure Direct Object Reference. An authenticated user may have the ability to withdraw another user’s submitted applications from the system and possibly obtain privileges.

CVE(s): CVE-2018-1362

Affected product(s) and affected version(s):

IBM Cúram Social Program Management 7.0.0.0 – 7.0.1.1
IBM Cúram Social Program Management 6.2.0.0 – 6.2.0.6
IBM Cúram Social Program Management 6.1.0.0 – 6.1.1.6
IBM Cúram Social Program Management 6.0.5.0 – 6.0.5.10

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2EITVkg
X-Force Database: http://ift.tt/2FEBkHf

The post IBM Fix available for Insecure Direct Object Reference in IBM Cúram Social Program Management (CVE-2018-1362) appeared first on IBM PSIRT Blog.


