CVE-2016-8941

2017-02-0120:00:00

ibm

www.cve.org

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

30.8%

JSON

IBM Tivoli Storage Productivity Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

CNA Affected

[
  {
    "product": "Spectrum Control Standard Select Edition",
    "vendor": "IBM Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "5.1"
      },
      {
        "status": "affected",
        "version": "5.1.1"
      },
      {
        "status": "affected",
        "version": "5.2"
      },
      {
        "status": "affected",
        "version": "5.2.1"
      },
      {
        "status": "affected",
        "version": "5.2.2"
      },
      {
        "status": "affected",
        "version": "5.2.3"
      },
      {
        "status": "affected",
        "version": "5.2.4"
      },
      {
        "status": "affected",
        "version": "5.2.5"
      },
      {
        "status": "affected",
        "version": "5.2.6"
      },
      {
        "status": "affected",
        "version": "5.2.7"
      },
      {
        "status": "affected",
        "version": "5.2.8"
      },
      {
        "status": "affected",
        "version": "5.2.9"
      },
      {
        "status": "affected",
        "version": "5.2.10"
      },
      {
        "status": "affected",
        "version": "5.2.11"
      }
    ]
  }
]

References

www.ibm.com/support/docview.wss?uid=swg21995128

www.securityfocus.com/bid/94914