Skip to main content

Dashboard Application Services Hub

2 CVEs product

Monthly

CVE-2016-9975 HIGH PATCH This Week

IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Dashboard Application Services Hub
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-5935 MEDIUM This Month

IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Dashboard Application Services Hub
NVD
CVSS 3.0
5.9
EPSS
0.1%
EPSS 0% CVSS 8.8
HIGH PATCH This Week

IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Dashboard Application Services Hub
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Dashboard Application Services Hub
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy