Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2017-10-24 CVE-2017-1209 Cross-site Scripting vulnerability in IBM Daeja Viewone
IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-10-24 CVE-2017-1211 Information Exposure vulnerability in IBM Daeja Viewone
IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 could disclose sensitive information to a local user when logging is enabled.
local
ibm CWE-200
1.9
1.9
2017-10-05 CVE-2017-1201 Insufficiently Protected Credentials vulnerability in IBM Bigfix Security Compliance Analytics 1.9.79
IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user.
local
low complexity
ibm CWE-522
2.1
2.1
2017-10-05 CVE-2017-1301 Link Following vulnerability in IBM Tivoli Storage Manager
IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack.
local
low complexity
ibm CWE-59
3.6
3.6
2017-10-05 CVE-2017-1339 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Tivoli Storage Manager
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption for the password.
local
low complexity
ibm CWE-327
2.1
2.1
2017-10-05 CVE-2017-1378 Insufficiently Protected Credentials vulnerability in IBM Tivoli Storage Manager
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user.
local
low complexity
ibm CWE-522
2.1
2.1
2017-10-05 CVE-2017-1522 Cross-site Scripting vulnerability in IBM Content Navigator 2.0.3.8/3.0.0/3.0.1
IBM Content Navigator & CMIS 2.0.3, 3.0.0, and 3.0.1 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-10-03 CVE-2017-1324 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-10-03 CVE-2017-1334 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2017-10-03 CVE-2017-1335 Cross-site Scripting vulnerability in IBM Rational Engineering Lifecycle Manager
IBM RELM 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5