Vulnerabilities > IBM > I2 Enterprise Insight Analysis

DATE CVE VULNERABILITY TITLE RISK
2018-12-06 CVE-2018-1525 Cleartext Transmission of Sensitive Information vulnerability in IBM I2 Enterprise Insight Analysis 2.1.7/2.1.8
IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm CWE-319
5.9
5.9
2018-12-06 CVE-2018-1505 Information Exposure vulnerability in IBM I2 Enterprise Insight Analysis 2.1.7/2.1.8
IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-200
3.3
3.3
2018-12-06 CVE-2018-1504 Improper Input Validation vulnerability in IBM I2 Enterprise Insight Analysis 2.1.7/2.1.8
IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-20
6.1
6.1