IBM Jazz Reporting Service (JRS) 6.0.6.1 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) Vulnerability

Summary

IBM Jazz Reporting Service (JRS) is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

Credit:

The information has been provided by Vendor

The original article can be found at:https://www.ibm.com/support/pages/node/1169956


Details

IBM Jazz Reporting Service (JRS) 6.0.6.1 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

 

Vulnerable Systems:

IBM Jazz Reporting Service (JRS) 6.0.6.1

 

CVE Information:

CVE-2019-4651

 

Disclosure Timeline:
Published Date:1/9/2020

Categories: News