Vulnerabilities > IBM > Pureapplication System > 1.1.0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-01-10 | CVE-2014-6158 | Path Traversal vulnerability in IBM Pureapplication System and Workload Deployer Multiple directory traversal vulnerabilities in the file-upload feature in IBM PureApplication System 1.0 before 1.0.0.4 iFix 10, 1.1 before 1.1.0.5, and 2.0 before 2.0.0.1 and Workload Deployer 3.1.0.7 before IF5 allow remote authenticated users to execute arbitrary code via a (1) Script Package, (2) Add-On, or (3) Emergency Fixes component. | 9.0 |
| 2014-06-14 | CVE-2014-0960 | Permissions, Privileges, and Access Controls vulnerability in IBM Pureapplication System IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1.0.4 IF1 allows remote authenticated users to bypass intended access restrictions by establishing an SSH session from a deployed virtual machine. | 6.6 |