Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-12 | CVE-2018-1484 | Session Fixation vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute on authorization tokens or session cookies. | 3.7 |
| 2018-12-06 | CVE-2018-1505 | Information Exposure vulnerability in IBM I2 Enterprise Insight Analysis 2.1.7/2.1.8 IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2018-12-05 | CVE-2018-1568 | Information Exposure vulnerability in IBM Qradar Incident Forensics IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2018-11-09 | CVE-2016-9749 | Improper Input Validation vulnerability in IBM Campaign IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. | 3.3 |
| 2018-11-09 | CVE-2018-1842 | Improper Verification of Cryptographic Signature vulnerability in multiple products IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. | 3.6 |
| 2018-08-30 | CVE-2016-0205 | Information Exposure vulnerability in IBM Cloud Orchestrator A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. | 3.3 |
| 2018-08-30 | CVE-2016-0234 | Insufficient Session Expiration vulnerability in IBM Openpages GRC Platform IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out of the system but neglected to close their browser. | 3.3 |
| 2018-05-29 | CVE-2018-1369 | Information Exposure vulnerability in IBM Security Guardium BIG Data Intelligence 3.1 IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores sensitive information in URL parameters. | 3.7 |
| 2018-04-04 | CVE-2017-1733 | Information Exposure Through Log Files vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.3.1 IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a local user. | 3.3 |
| 2018-03-30 | CVE-2017-1756 | Information Exposure vulnerability in IBM Business Process Manager IBM Business Process Manager 8.6 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |