Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-02 | CVE-2015-4996 | Information Exposure vulnerability in IBM Rational Clearquest IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x before 8.0.1.10 allows local users to spoof database servers and discover credentials via unspecified vectors. | 5.1 |
| 2016-01-02 | CVE-2015-4990 | Information Exposure vulnerability in IBM Tealeaf Customer Experience The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows local users to discover credentials by leveraging privileges during an unspecified connection type. | 4.0 |
| 2016-01-02 | CVE-2015-4989 | Information Exposure vulnerability in IBM Tealeaf Customer Experience The portal in IBM Tealeaf Customer Experience before 8.7.1.8814, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0A, 9.0.1 before 9.0.1.1083, 9.0.1A before 9.0.1.5073, 9.0.2 before 9.0.2.1095, and 9.0.2A before 9.0.2.5144 allows remote attackers to read arbitrary charts by specifying an internal chart name. | 3.7 |
| 2016-01-01 | CVE-2015-7456 | Information Exposure vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to discover object-storage admin passwords via unspecified vectors. | 6.5 |
| 2016-01-01 | CVE-2015-7409 | Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.6 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified field. | 5.4 |
| 2016-01-01 | CVE-2015-7445 | Information Exposure vulnerability in IBM products IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive information by reading error messages in responses. | 4.3 |
| 2016-01-01 | CVE-2015-7421 | Information Exposure vulnerability in IBM MQ Appliance M2000 8.0.0.3 Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420. | 3.7 |
| 2016-01-01 | CVE-2015-7420 | Information Exposure vulnerability in IBM MQ Appliance M2000 8.0.0.3 Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7421. | 3.7 |
| 2016-01-01 | CVE-2015-7415 | Cross-site Scripting vulnerability in IBM Urbancode Deploy Multiple cross-site scripting (XSS) vulnerabilities in IBM UrbanCode Deploy 6.0 before 6.0.1.12, 6.1 before 6.1.3.2, and 6.2 before 6.2.0.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 5.4 |
| 2016-01-01 | CVE-2015-7410 | Code vulnerability in IBM Sterling B2B Integrator 5.2 The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors. | 7.4 |