Vulnerabilities > IBM > Bigfix Platform > 9.2.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-12 | CVE-2018-1474 | Injection vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. | 4.3 |
| 2018-06-04 | CVE-2018-1600 | Cleartext Transmission of Sensitive Information vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a communication channel that can be sniffed by unauthorized actors. | 5.0 |
| 2018-04-27 | CVE-2018-1479 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
| 2018-04-27 | CVE-2018-1475 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 5.0 |
| 2018-04-27 | CVE-2018-1473 | Cross-site Scripting vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. | 4.3 |