Vulnerabilities > IBM > Insights Foundation FOR Energy

DATE CVE VULNERABILITY TITLE RISK
2017-12-07 CVE-2017-1342 Information Exposure vulnerability in IBM Insights Foundation for Energy 2.0
IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks.
network
low complexity
ibm CWE-200
4.3
2017-10-03 CVE-2017-1345 Cross-site Scripting vulnerability in IBM Insights Foundation for Energy 2.0
IBM Insights Foundation for Energy 2.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-10-03 CVE-2017-1311 SQL Injection vulnerability in IBM Insights Foundation for Energy 2.0
IBM Insights Foundation for Energy 2.0 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
8.8
2017-04-28 CVE-2017-1141 Information Exposure vulnerability in IBM Insights Foundation for Energy 1.0/1.5/1.6
IBM Insights Foundation for Energy 1.0, 1.5, and 1.6 could allow an authenticated user to obtain sensitive information from error messages.
network
low complexity
ibm CWE-200
4.3