Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-24 | CVE-2016-3049 | Cross-site Scripting vulnerability in IBM Openpages GRC Platform 7.1/7.2/7.3 IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to HTML injection. | 5.4 |
| 2017-10-10 | CVE-2017-1538 | Information Exposure vulnerability in IBM Financial Transaction Manager 3.0.2.0/3.0.2.1 IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2 could allow an authenticated user to obtain sensitive information from an undocumented URL. | 6.5 |
| 2017-10-10 | CVE-2017-1503 | Cross-site Scripting vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to HTTP response splitting attacks. | 6.1 |
| 2017-10-05 | CVE-2017-1522 | Cross-site Scripting vulnerability in IBM Content Navigator 2.0.3.8/3.0.0/3.0.1 IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting. | 5.4 |
| 2017-10-05 | CVE-2017-1378 | Insufficiently Protected Credentials vulnerability in IBM Tivoli Storage Manager IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. | 7.8 |
| 2017-10-05 | CVE-2017-1339 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Tivoli Storage Manager IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption for the password. | 4.4 |
| 2017-10-05 | CVE-2017-1301 | Link Following vulnerability in IBM Tivoli Storage Manager IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. | 5.5 |
| 2017-10-05 | CVE-2017-1201 | Insufficiently Protected Credentials vulnerability in IBM Bigfix Security Compliance Analytics 1.9.79 IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. | 7.8 |
| 2017-10-05 | CVE-2016-8937 | Improper Authentication vulnerability in IBM Tivoli Storage Manager The IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) default authentication protocol is vulnerable to a brute force attack due to disclosing too much information during authentication. | 9.8 |
| 2017-10-04 | CVE-2017-1541 | Improper Input Validation vulnerability in IBM AIX A flaw in the AIX 5.3, 6.1, 7.1, and 7.2 JRE/SDK installp and updatep packages prevented the java.security, java.policy and javaws.policy files from being updated correctly. | 7.3 |