Troubleshooting
Problem
Cross-Site Request Forgery vulnerability identified with Jazz for Service Management(JazzSM) v1.1.3
Impacted URLs:
https://
Environment
Apply fix on JazzSM 1.1.3/DASH 3.1.3, Cumulative Patch-4 level.
Resolving The Problem
Follow below steps to replace isclite.jar
1. Stop Jazz for Service Management(JazzSM) profile
ex: <JazzSM_HOME>/profile/bin/stopServer.sh server1
2. Move below file in safe location
<JazzSM_HOME>/profile/installedApps/JazzSMNode01Cell/isc.ear/isclite.jar
3. Download attached isclite.jar file and copy in below path
<JazzSM_HOME>/profile/installedApps/JazzSMNode01Cell/isc.ear/
4. Start JazzSM profile
ex: <JazzSM_HOME>/profile/bin/startServer.sh server1
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
swg22010893