|
250241
|
5.3 |
MEDIUM
Network
|
ibm
|
openpages_grc_platform
|
IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry (LEE) application could allow a user to obtain sensitive information including private APIs that could be used in further attack…
|
CWE-200
Information Exposure
|
CVE-2017-1148
|
2024-11-21 12:21 |
2017-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250242
|
5.4 |
MEDIUM
Network
|
ibm
|
openpages_grc_platform
|
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functio…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1147
|
2024-11-21 12:21 |
2017-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250243
|
5.9 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. IBM X-F…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2017-1232
|
2024-11-21 12:21 |
2017-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250244
|
5.3 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. This weakness may allow attacke…
|
CWE-200
Information Exposure
|
CVE-2017-1230
|
2024-11-21 12:21 |
2017-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250245
|
3.7 |
LOW
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable the secure cookie attribute. An a…
|
CWE-200
Information Exposure
|
CVE-2017-1228
|
2024-11-21 12:21 |
2017-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250246
|
4.3 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) generates an error message in error logs that includes sensitive information about its environment which could be used in further attacks…
|
CWE-200
Information Exposure
|
CVE-2017-1226
|
2024-11-21 12:21 |
2017-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250247
|
5.3 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs v…
|
CWE-200
Information Exposure
|
CVE-2017-1225
|
2024-11-21 12:21 |
2017-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250248
|
6.5 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM…
|
CWE-287
Improper Authentication
|
CVE-2017-1222
|
2024-11-21 12:21 |
2017-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250249
|
5.3 |
MEDIUM
Network
|
ibm
|
bigfix_platform
|
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID…
|
CWE-200
Information Exposure
|
CVE-2017-1220
|
2024-11-21 12:21 |
2017-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250250
|
5.4 |
MEDIUM
Network
|
ibm
|
rational_collaborative_lifecycle_management
|
IBM Team Concert (RTC) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lea…
|
CWE-79
Cross-site Scripting
|
CVE-2017-1363
|
2024-11-21 12:21 |
2017-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
