mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
68 lines
1.9 KiB
JSON
68 lines
1.9 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2016-2889",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Cross-site request forgery (CSRF) vulnerability in the Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016, 6.0 and 6.0.1 before 6.0.1 ifix005, and 6.0.2 before ifix002 allows remote authenticated users to hijack the authentication of arbitrary users."
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983147",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983147"
|
|
},
|
|
{
|
|
"name" : "91766",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/91766"
|
|
}
|
|
]
|
|
}
|
|
}
|