Security Bulletin: A vulnerability in IBM Jazz for Service Management affects IBM Performance Management products (CVE-2016-9975)

Summary IBM Jazz for Service Management is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. Vulnerability Details CVEID: CVE-2016-9975 DESCRIPTION: IBM Jazz for Service Management ...

Security Bulletin: Information disclosure CVE-2016-9975 affects IBM Dashboard Application Services Hub (DASH)

Summary IBM Tivoli Widget Library TWL, a sub component of DASH that in turn is bundled in IBM Jazz for Service Management JazzSM is affected by Cross Site Request Forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

CVE-2016-9975

IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference : 1998714...

CVE-2016-9975

CVE-2016-9975 affects IBM Jazz for Service Management (1.1.2.1 and 1.1.3). The CSRF vulnerability could allow an attacker to perform unauthorized actions authenticated by a trusted user. Connected IBM advisories cite affected products and remediation: IBM Monitoring, IBM Application Diagnostics, ...