CSRF Vulnerability in IBM Jazz Reporting Service Allows Authentication Hijacking

CSRF Vulnerability in IBM Jazz Reporting Service Allows Authentication Hijacking

CVE-2016-2889 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016, 6.0 and 6.0.1 before 6.0.1 ifix005, and 6.0.2 before ifix002 allows remote authenticated users to hijack the authentication of arbitrary users.

Learn more about our Cis Benchmark Audit For Ibm I.