IBM StoredIQ has addressed the following vulnerability: Cross-site request forgery.
CVEID:CVE-2019-4167
DESCRIPTION: IBM StoredIQ is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158700> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
Affected Product | Affected Versions |
---|---|
IBM StoredIQ | 7.6.0.0. - 7.6.0.18 |
Product | VRMF | Remediation / First Fix |
---|---|---|
IBM StoredIQ | 7.6.0.0 - 7.6.0.18 | After upgrading to fix pack 7.6.0.18, apply fix pack 7.6.0.19 that is available from Fix Central https://www.ibm.com/support/fixcentral/ |
None