2 matches found
Security Bulletin: Fix available for Insecure Direct Object Reference in IBM Cúram Social Program Management (CVE-2018-1362)
Summary IBM Cúram Social Program Management Universal Access is vulnerable to Insecure Direct Object Reference. An authenticated user may have the ability to withdraw another user's submitted applications from the system and possibly obtain privileges. Vulnerability Details CVEID: CVE-2018-1362...
CVE-2018-1362
IBM Cúram Social Program Management (Citizen Portal) is affected by CVE-2018-1362. Affected versions: 7.0.0.0–7.0.1.1, 6.2.0.0–6.2.0.6, 6.1.0.0–6.1.1.6, and 6.0.5.0–6.0.5.10. The vulnerability is an Insecure Direct Object Reference that could let an authenticated user withdraw another user’s subm...