IBM StoredIQ is affected by a cross-site request forgery.
CVEID:CVE-2018-1927
DESCRIPTION: IBM StoredIQ is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153118> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)
Affected Product | Affected Versions |
---|---|
IBM StoredIQ | 7.6.0.0. - 7.6.0.17 |
Product | VRMF | Remediation / First Fix |
---|---|---|
IBM StoredIQ | 7.6.0.17 | Upgrade to latest fix pack 7.6.0.17 and apply Interim Fix 7.6.0.17-IBMStoredIQ-LinuxX86_64-if001 that is available from Fix Central https://www.ibm.com/support/fixcentral/ |
None