Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2016-6061 | Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management IBM Jazz Foundation is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-01 | CVE-2016-6059 | XXE vulnerability in IBM products IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 8.1 |
| 2017-02-01 | CVE-2016-6054 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-01 | CVE-2016-6047 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service 6.0.2 IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-01 | CVE-2016-6046 | Cross-site Scripting vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-01 | CVE-2016-6045 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-02-01 | CVE-2016-6044 | Improper Access Control vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy. | 4.3 |
| 2017-02-01 | CVE-2016-6043 | Session Fixation vulnerability in IBM Tivoli Storage Manager Tivoli Storage Manager Operations Center could allow a local user to take over a previously logged in user due to session expiration not being enforced. | 7.0 |
| 2017-02-01 | CVE-2016-6042 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Security Appscan IBM AppScan Enterprise Edition could allow a remote attacker to execute arbitrary code on the system, caused by improper handling of objects in memory. | 7.3 |
| 2017-02-01 | CVE-2016-6040 | Session Fixation vulnerability in IBM Rational Collaborative Lifecycle Management IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced. | 5.0 |