Vulnerabilities > IBM > Bigfix Compliance > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-05 | CVE-2017-1202 | Injection vulnerability in IBM Bigfix Compliance 1.7/1.8/1.9.91 IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) is vulnerable to HTML injection. | 5.4 |
| 2019-02-05 | CVE-2017-1200 | Improper Certificate Validation vulnerability in IBM Bigfix Compliance 1.7/1.8/1.9.91 IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) does not validate, or incorrectly validates, a certificate.This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. | 5.9 |
| 2019-02-05 | CVE-2017-1198 | Information Exposure Through Log Files vulnerability in IBM Bigfix Compliance 1.7/1.8/1.9.91 IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL parameters. | 5.3 |
| 2019-02-05 | CVE-2017-1177 | Information Exposure vulnerability in IBM Bigfix Compliance 1.7/1.8/1.9.91 IBM BigFix Compliance 1.7 through 1.9.91 discloses sensitive information to unauthorized users. | 5.3 |