Vulnerabilities > IBM > Bigfix Inventory > 9.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-13 | CVE-2016-8964 | 7PK - Security Features vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 9.8 |
| 2017-04-26 | CVE-2016-8962 | Credentials Management vulnerability in IBM Bigfix Inventory 9.0/9.2 IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 5.9 |
| 2017-02-01 | CVE-2016-8963 | Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
| 2017-02-01 | CVE-2016-8961 | Open Redirect vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |