Vulnerabilities > IBM > Cloud Automation Manager

DATE CVE VULNERABILITY TITLE RISK
2020-03-16 CVE-2019-4617 Session Fixation vulnerability in IBM Cloud Automation Manager 3.2.1.0
IBM Cloud Automation Manager 3.2.1.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability.
local
low complexity
ibm CWE-384
4.4
2020-02-05 CVE-2019-4616 Missing Encryption of Sensitive Data vulnerability in IBM Cloud Automation Manager 3.2.1.0
IBM Cloud Automation Manager 3.2.1.0 does not set the secure attribute on authorization tokens or session cookies.
low complexity
ibm CWE-311
3.5
2019-08-29 CVE-2019-4133 Unspecified vulnerability in IBM Cloud Automation Manager 3.1.2
IBM Cloud Automation Manager 3.1.2 could allow a malicious user on the client side (with access to client computer) to run a custom script.
local
low complexity
ibm
5.2
2019-08-29 CVE-2019-4132 Unspecified vulnerability in IBM Cloud Automation Manager 3.1.2
IBM Cloud Automation Manager 3.1.2 could allow a user to be impropertly redirected and obtain sensitive information rather than receive a 404 error message.
local
low complexity
ibm
3.3