CVE-2017-1746

Name of the Vulnerable Software and Affected Versions IBM Jazz for Service Management version 1.1.3

Description The issue allows an attacker to execute malicious and unauthorized actions by exploiting cross-site request forgery. This could be done by transmitting actions from a user that the website trusts.

Recommendations For IBM Jazz for Service Management version 1.1.3, consider implementing anti-CSRF measures, such as token-based validation, to prevent unauthorized actions. As a temporary workaround, restrict access to sensitive features that could be exploited through cross-site request forgery until a patch is available.