Vulnerabilities > Information Exposure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2016-8981 | Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system. | 5.5 |
| 2017-02-01 | CVE-2016-8966 | Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2017-02-01 | CVE-2016-6122 | Information Exposure vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 discloses answers to security questions in a response to authenticated users. | 4.3 |
| 2017-02-01 | CVE-2016-6080 | Information Exposure vulnerability in IBM Websphere Message Broker 8.0 The WebAdmin context for WebSphere Message Broker allows directory listings which could disclose sensitive information to the attacker. | 5.3 |
| 2017-02-01 | CVE-2016-6034 | Information Exposure vulnerability in IBM Tivoli Storage Manager for Virtual Environments Data Protection for VMWare IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges. | 6.8 |
| 2017-02-01 | CVE-2016-5994 | Information Exposure vulnerability in IBM Infosphere Information Server 11.5 IBM InfoSphere Information Server contains a vulnerability that would allow an authenticated user to browse any file on the engine tier, and examine its contents. | 6.5 |
| 2017-02-01 | CVE-2016-5988 | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0.2/2.1 IBM Security Privileged Identity Manager Virtual Appliance could disclose sensitive information in generated error messages that would be available to an authenticated user. | 6.5 |
| 2017-02-01 | CVE-2016-5966 | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0.2/2.1 IBM Security Privileged Identity Manager Virtual Appliance could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2017-02-01 | CVE-2016-5958 | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0.2/2.1 IBM Security Privileged Identity Manager could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. | 7.5 |
| 2017-02-01 | CVE-2016-5896 | Information Exposure vulnerability in IBM products IBM Maximo Asset Management could disclose sensitive information from a stack trace after submitting incorrect login onto Cognos browser. | 5.3 |