Vulnerabilities > IBM > Cloud Automation Manager
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-16 | CVE-2019-4617 | Session Fixation vulnerability in IBM Cloud Automation Manager 3.2.1.0 IBM Cloud Automation Manager 3.2.1.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. | 3.6 |
| 2020-02-05 | CVE-2019-4616 | Missing Encryption of Sensitive Data vulnerability in IBM Cloud Automation Manager 3.2.1.0 IBM Cloud Automation Manager 3.2.1.0 does not set the secure attribute on authorization tokens or session cookies. | 2.9 |
| 2019-08-29 | CVE-2019-4133 | Unspecified vulnerability in IBM Cloud Automation Manager 3.1.2 IBM Cloud Automation Manager 3.1.2 could allow a malicious user on the client side (with access to client computer) to run a custom script. | 5.2 |
| 2019-08-29 | CVE-2019-4132 | Unspecified vulnerability in IBM Cloud Automation Manager 3.1.2 IBM Cloud Automation Manager 3.1.2 could allow a user to be impropertly redirected and obtain sensitive information rather than receive a 404 error message. | 3.3 |