Home Unlabelled IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by Cross-Site Request Forgery (CVE-2017-1672)

IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by Cross-Site Request Forgery (CVE-2017-1672)

By
Wednesday, January 03, 2018
Read
Add Comment

IBM Security Key Lifecycle Manager is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

CVE(s): CVE-2017-1672

Affected product(s) and affected version(s):

IBM Security Key Lifecycle Manager v2.6 – 2.6.0.3

IBM Security Key Lifecycle Manager: v2.7 – 2.7.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2lOcrk2
X-Force Database: http://ift.tt/2qkICfX

The post IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by Cross-Site Request Forgery (CVE-2017-1672) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2ELLju9
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us