Vulnerabilities > IBM > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-11-09 | CVE-2018-1842 | Improper Verification of Cryptographic Signature vulnerability in multiple products IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. | 3.6 |
2018-08-30 | CVE-2016-0205 | Information Exposure vulnerability in IBM Cloud Orchestrator A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. | 3.3 |
2018-08-30 | CVE-2016-0234 | Insufficient Session Expiration vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out of the system but neglected to close their browser. | 3.3 |
2018-05-29 | CVE-2018-1369 | Information Exposure vulnerability in IBM Security Guardium BIG Data Intelligence 3.1 IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores sensitive information in URL parameters. | 3.7 |
2018-04-04 | CVE-2017-1733 | Information Exposure Through Log Files vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.3.1 IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a local user. | 3.3 |
2018-03-30 | CVE-2017-1756 | Information Exposure vulnerability in IBM Business Process Manager IBM Business Process Manager 8.6 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2018-03-26 | CVE-2015-5045 | Information Exposure vulnerability in IBM Rational License KEY Server The Administration and Reporting tool in IBM Rational License Key Server (RLKS) before 8.1.4.9 iFix 04 allows local users to obtain sensitive information via unspecified vectors. | 3.3 |
2018-03-20 | CVE-2015-7449 | Inadequate Encryption Strength vulnerability in IBM products IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. | 3.3 |
2018-03-09 | CVE-2016-0275 | Information Exposure vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows local users to obtain sensitive information via vectors related to cacheable HTTPS responses. | 3.3 |
2018-03-02 | CVE-2017-1654 | Information Exposure vulnerability in IBM General Parallel File System and Spectrum Scale IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. | 3.3 |