Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM0A3E4F2FD1D583C72A0BC1ACA9000BAD51B69B0FA9EE2D72FC3E0F967ED7CA1D
HistoryJun 17, 2018 - 10:23 p.m.

Security Bulletin: IBM Kenexa LCMS Premier on Cloud has addressed (CVE-2016-5949)

2018-06-1722:23:17
www.ibm.com
7

EPSS

0.001

Percentile

18.9%

JSON

Summary

IBM Kenexa LCMS Premier on Cloud 10.1 has addressed a vulnerability that could allow an authenticated user to obtain sensitive user data with specically crafted HTTP request

Vulnerability Details

CVEID: CVE-2016-5949**
DESCRIPTION:** IBM Kenexa LCMS Premier on Cloud could allow an authenticated user to obtain sensitive user data with a specially crafted HTTP request.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116094 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

9.1, 9.2, 9.3, 9.4, 9.5 10.0, 10.1

Remediation/Fixes

This issue has been addressed in IBM Kenexa LCMS Premier 10.1

Customers who are using an affected version should visit IBM Support Portal and open a Service Request (SR) to request an upgrade to latest fixed release.

<https://www-947.ibm.com/support/entry/portal&gt;

Related

cvelist 1
nvd 1
prion 1
cve 1
cvelist
cvelist
CVE-2016-5949
2017-02-01 20:00:00
nvd
nvd
CVE-2016-5949
2017-02-01 20:59:01
prion
prion
Cross site request forgery (csrf)
2017-02-01 20:59:00
cve
cve
CVE-2016-5949
2017-02-01 20:59:01

EPSS

0.001

Percentile

18.9%

JSON
Related for 0A3E4F2FD1D583C72A0BC1ACA9000BAD51B69B0FA9EE2D72FC3E0F967ED7CA1D
cvelist1nvd1prion1cve1