Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-13 | CVE-2017-1749 | Path Traversal vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy 6.1 through 6.9.6.0 could allow a remote attacker to traverse directories on the system. | 5.3 |
| 2018-08-13 | CVE-2017-1286 | Information Exposure vulnerability in IBM Urbancode Deploy Sensitive information about the configuration of the IBM UrbanCode Deploy 6.1 through 6.9.6.0 server and database can be obtained by a user who has been given elevated permissions in the UI, even after those elevated permissions have been revoked. | 6.5 |
| 2018-08-13 | CVE-2016-2922 | Improper Certificate Validation vulnerability in IBM Rational Clearquest IBM Rational ClearQuest 8.0 through 8.0.1.9 and 9.0 through 9.0.1.3 (CQ OSLC linkages, EmailRelay) fails to check the SSL certificate against the requested hostname. | 5.9 |
| 2018-08-07 | CVE-2018-1690 | Cross-site Scripting vulnerability in IBM Rhapsody Model Manager 6.0.6 IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site scripting. | 5.4 |
| 2018-08-06 | CVE-2018-1551 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. | 7.5 |
| 2018-08-06 | CVE-2018-1528 | Information Exposure vulnerability in IBM products IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authenticated user to obtain sensitive information from the WhoAmI API. | 4.3 |
| 2018-08-06 | CVE-2018-1422 | Cross-site Scripting vulnerability in IBM Rational Doors Next Generation IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting. | 5.4 |
| 2018-08-06 | CVE-2017-1755 | Unspecified vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 could allow a local attacker to inject commands into malicious files that could be executed by the administrator. | 6.7 |
| 2018-08-06 | CVE-2017-1412 | Information Exposure vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 generates an error message that includes sensitive information about its environment, users, or associated data. | 4.3 |
| 2018-08-06 | CVE-2017-1411 | Insufficiently Protected Credentials vulnerability in IBM Security Identity Governance and Intelligence IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 7.5 |