CVE-2016-0314
MEDIUMIBM Jazz Reporting Service <6.0.1 - CSRF
Title source: llmDescription
The Report Builder and Data Collection Component (DCC) in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2 ifix016 and 6.x before 6.0.1 ifix005 allow remote authenticated users to conduct clickjacking attacks via unspecified vectors.
Scores
CVSS v3
6.5
EPSS
0.0015
EPSS Percentile
35.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Classification
Status
draft
Affected Products (5)
ibm/jazz_reporting_service
ibm/jazz_reporting_service
ibm/jazz_reporting_service
ibm/jazz_reporting_service
ibm/jazz_reporting_service
Timeline
Published
Jul 08, 2016
Tracked Since
Feb 18, 2026