Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-11 | CVE-2017-1681 | Information Exposure vulnerability in IBM Liberty 3.13/3.15 IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file. | 3.3 |
| 2018-01-04 | CVE-2017-1669 | Information Exposure vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 stores sensitive information in URL parameters. | 3.7 |
| 2018-01-04 | CVE-2017-1699 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere MQ IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. | 3.3 |
| 2017-12-20 | CVE-2017-1261 | Information Exposure vulnerability in IBM Security Guardium IBM Security Guardium 10.0 stores potentially sensitive information in log files that could be read by a local user. | 3.3 |
| 2017-12-20 | CVE-2017-1270 | Session Fixation vulnerability in IBM Security Guardium IBM Security Guardium 10.0 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. | 3.3 |
| 2017-12-13 | CVE-2017-1716 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Tivoli Workload Scheduler 8.6/9.1/9.2 IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a local attacker due to improper permission settings. | 3.3 |
| 2017-12-07 | CVE-2017-1341 | Unspecified vulnerability in IBM Websphere MQ IBM WebSphere MQ 8.0 and 9.0 could allow, under special circumstances, an unauthorized user to access an object which they should have been denied access. | 3.7 |
| 2017-12-07 | CVE-2017-1353 | Information Exposure vulnerability in IBM Atlas Ediscovery Process Management IBM Atlas eDiscovery Process Management 6.0.3 could allow an authenticated attacker to obtain sensitive information when an unsuspecting user clicks on unsafe third-party links. | 3.5 |
| 2017-12-07 | CVE-2017-1355 | Information Exposure vulnerability in IBM Atlas Ediscovery Process Management IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. | 3.7 |
| 2017-12-07 | CVE-2017-1497 | Information Exposure vulnerability in IBM Sterling File Gateway 2.2 IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the file. | 3.7 |