Vulnerabilities > IBM > Cloud Automation Manager
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-16 | CVE-2019-4617 | Session Fixation vulnerability in IBM Cloud Automation Manager 3.2.1.0 IBM Cloud Automation Manager 3.2.1.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. | 4.4 |
2020-02-05 | CVE-2019-4616 | Missing Encryption of Sensitive Data vulnerability in IBM Cloud Automation Manager 3.2.1.0 IBM Cloud Automation Manager 3.2.1.0 does not set the secure attribute on authorization tokens or session cookies. | 3.5 |
2019-08-29 | CVE-2019-4133 | Unspecified vulnerability in IBM Cloud Automation Manager 3.1.2 IBM Cloud Automation Manager 3.1.2 could allow a malicious user on the client side (with access to client computer) to run a custom script. | 5.2 |
2019-08-29 | CVE-2019-4132 | Unspecified vulnerability in IBM Cloud Automation Manager 3.1.2 IBM Cloud Automation Manager 3.1.2 could allow a user to be impropertly redirected and obtain sensitive information rather than receive a 404 error message. | 3.3 |