CVE-2021-29816

Name of the Vulnerable Software and Affected Versions IBM Jazz for Service Management version 1.1.3.10 IBM Tivoli Netcool/OMNIbus GUI (affected versions not specified)

Description The issue allows an attacker to execute malicious and unauthorized actions by exploiting a cross-site request forgery. This could be done by transmitting actions from a user that the website trusts.

Recommendations For IBM Jazz for Service Management version 1.1.3.10, consider implementing anti-CSRF measures, such as token-based validation, to prevent unauthorized actions. For IBM Tivoli Netcool/OMNIbus GUI, at the moment, there is no information about a newer version that contains a fix for this vulnerability.