Vulnerabilities > IBM > Control Center > 6.3.1.0

DATE CVE VULNERABILITY TITLE RISK
2025-01-25 CVE-2024-35111 Information Exposure Through an Error Message vulnerability in IBM Control Center 6.2.1.0/6.3.1.0
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.3
4.3
2025-01-25 CVE-2024-35112 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in IBM Control Center 6.2.1.0/6.3.1.0
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-80
4.3
4.3
2025-01-25 CVE-2024-35113 Information Exposure Through Directory Listing vulnerability in IBM Control Center 6.2.1.0/6.3.1.0
IBM Control Center 6.2.1 and 6.3.1 could allow an authenticated user to obtain sensitive information exposed through a directory listing.
network
low complexity
ibm CWE-548
6.5
6.5
2025-01-25 CVE-2024-35114 Response Discrepancy Information Exposure vulnerability in IBM Control Center 6.2.1.0/6.3.1.0
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due to an observable discrepancy between login attempts.
network
low complexity
ibm CWE-204
5.3
5.3