Vulnerabilities > IBM > Marketing Operations
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-20 | CVE-2020-4125 | Download of Code Without Integrity Check vulnerability in IBM Marketing Operations Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information. | 5.5 |
2018-11-09 | CVE-2017-1119 | Information Exposure vulnerability in IBM Marketing Operations IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. | 4.0 |
2017-05-22 | CVE-2016-6112 | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. | 6.5 |
2015-06-07 | CVE-2014-8887 | Improper Input Validation vulnerability in IBM Marketing Operations IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors. | 4.0 |
2015-06-07 | CVE-2014-6222 | Path Traversal vulnerability in IBM Marketing Operations Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. | 4.0 |
2015-06-07 | CVE-2014-6175 | Cross-site Scripting vulnerability in IBM Marketing Operations Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |