IBM Sterling Order Management 9.2/9.3/9.4/9.5 cross-site request forgery

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in IBM Sterling Order Management 9.2/9.3/9.4/9.5 (Business Process Management Software) and classified as problematic. Affected by this vulnerability is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
655717804/01/2017VulD...cvss3_nvd_basescore8.8nist.gov04/01/2017accepted90
655717704/01/2017VulD...0day_days404/01/2017accepted90
655717604/01/2017VulD...cvss3_vuldb_rcX04/01/2017accepted90
655717504/01/2017VulD...cvss3_vuldb_rlX04/01/2017accepted90
655717404/01/2017VulD...cvss3_vuldb_eX04/01/2017accepted90
655717304/01/2017VulD...cvss2_vuldb_rcND04/01/2017accepted90
655717204/01/2017VulD...cvss2_vuldb_rlND04/01/2017accepted90
655717104/01/2017VulD...cvss2_vuldb_eND04/01/2017accepted90
655717004/01/2017VulD...locationWebsite04/01/2017accepted90
655716904/01/2017VulD...securityfocus_titleIBM Sterling Selling and Fulfillment Foundation Cross Site Request Forgery Vulnerabilitysecurityfocus.com04/01/2017accepted100
655716804/01/2017VulD...securityfocus_classDesign Errorsecurityfocus.com04/01/2017accepted100
655716704/01/2017VulD...securityfocus_date1490572800 (03/27/2017)securityfocus.com04/01/2017accepted100
655716604/01/2017VulD...securityfocus97150securityfocus.com04/01/2017accepted100
655716504/01/2017VulD...osvdb_titleCVE-2016-8917 - IBM - Sterling Order Management - Cross-Site Request Forgery Issue04/01/2017accepted100
655716404/01/2017VulD...cve_nvd_summaryIBM Sterling Order Management 9.2 - 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 2000943.mitre.org04/01/2017accepted100
655716304/01/2017VulD...cve_nvd_published1490918400mitre.org04/01/2017accepted100
655716204/01/2017VulD...cve_assigned1477353600mitre.org04/01/2017accepted100
655716104/01/2017VulD...cveCVE-2016-8917mitre.org04/01/2017accepted100
655716004/01/2017VulD...price_trend+see documentation04/01/2017accepted100
655715904/01/2017VulD...price_0day$5k-$25ksee documentation04/01/2017accepted100

Do you need the next level of professionalism?

Upgrade your account now!