Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-13 | CVE-2019-4592 | Unspecified vulnerability in IBM Tivoli Monitoring 6.3.0.7.10/6.3.0.7.3 IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. | 5.0 |
| 2020-02-12 | CVE-2019-4741 | Server-Side Request Forgery (SSRF) vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). | 5.0 |
| 2020-02-12 | CVE-2019-4427 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Cloud CLI IBM Cloud CLI 0.6.0 through 0.16.1 windows installers are signed using SHA1 certificate. | 5.0 |
| 2020-02-10 | CVE-2012-2204 | Unspecified vulnerability in IBM Infosphere Guardium 8.0.0/8.2.0 InfoSphere Guardium aix_ktap module: DoS | 4.9 |
| 2020-02-05 | CVE-2015-0102 | Improper Authentication vulnerability in IBM Workflow IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | 5.8 |
| 2020-02-05 | CVE-2019-4670 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper data representation. | 4.0 |
| 2020-02-05 | CVE-2019-4613 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Planning Analytics 2.0 IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
| 2020-02-05 | CVE-2013-0507 | Session Fixation vulnerability in IBM Infosphere Information Server IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability | 5.8 |
| 2020-02-04 | CVE-2020-4163 | Improper Privilege Management vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as jsp content and executed. | 6.0 |
| 2020-02-04 | CVE-2019-4674 | Path Traversal vulnerability in IBM Security Identity Manager 7.0.1 IBM Security Identity Manager 7.0.1 could allow a remote attacker to traverse directories on the system. | 4.0 |