APAR status
Closed as program error.
Error description
The application does not perform adequate authorization checks. An authenticated user can gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application. OWASP 2013 Category: A4-Insecure Direct Object References Affected Hosts and Services 172.18.116.17 : 8443 tcp pcsync-https Affected URLs https://172.18.116.17:8443/data/controller/JobTracker?actiontype =getconffilecontents&jobid=job_ssm_88484 https://172.18.116.17:8443/data/controller/JobTracker?actiontype =getjobsummary&jobid=job_ssm_88484
Local fix
Problem summary
See Error Description
Problem conclusion
This problem is fixed in Version 3.0 + customer fix and later fix packs
Temporary fix
Comments
APAR Information
APAR number
PI33111
Reported component name
INFO BIGINSIGHT
Reported component ID
5725C0900
Reported release
300
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2015-01-20
Closed date
2015-07-24
Last modified date
2015-07-24
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
INFO BIGINSIGHT
Fixed component ID
5725C0900
Applicable component levels
R300 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSCRJT","label":"IBM Db2 Big SQL"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"300","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Document Information
Modified date:
25 August 2020