Vulnerabilities > IBM > Dashboard Application Services HUB

DATE CVE VULNERABILITY TITLE RISK
2017-02-24 CVE-2016-9975 Cross-Site Request Forgery (CSRF) vulnerability in IBM Dashboard Application Services HUB 3.1.2.1/3.1.3
IBM Jazz for Service Management 1.1.2.1 and 1.1.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2017-02-02 CVE-2016-5935 Information Exposure vulnerability in IBM Dashboard Application Services HUB 3.1.3
IBM Jazz for Service Management could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate.
network
high complexity
ibm CWE-200
5.9