Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-09	CVE-2013-3001	Path Traversal vulnerability in IBM Infosphere Data Replication Dashboard 10.1/9.7 Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to read arbitrary files via unspecified vectors. network low complexity ibm CWE-22	5.0
2018-07-09	CVE-2013-2999	Cross-site Scripting vulnerability in IBM Infosphere Data Replication Dashboard 10.1/9.7 Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network ibm CWE-79	4.3
2018-07-09	CVE-2018-1548	Information Exposure vulnerability in IBM API Connect IBM API Connect 2018.1.0.0, 2018.2.1, 2018.2.2, 2018.2.3, and 2018.2.4 contains a vulnerability that could allow an authenticated user to obtain sensitive information. network low complexity ibm CWE-200	4.0
2018-07-06	CVE-2018-1676	Cross-site Scripting vulnerability in IBM Planning Analytics Local IBM Planning Analytics 2.0.0 through 2.0.4 is vulnerable to cross-site scripting. network ibm CWE-79	4.3
2018-07-06	CVE-2018-1546	Information Exposure vulnerability in IBM API Connect IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. network high complexity ibm CWE-200	5.9
2018-07-06	CVE-2018-1542	XXE vulnerability in IBM Content Foundation and Filenet Content Manager IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. network low complexity ibm CWE-611	5.5
2018-07-06	CVE-2017-1559	Information Exposure vulnerability in IBM products Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. network low complexity ibm CWE-200	4.0
2018-07-06	CVE-2017-1509	Information Exposure vulnerability in IBM products IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. network low complexity ibm CWE-200	4.0
2018-07-06	CVE-2017-1488	Information Exposure vulnerability in IBM products An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. network low complexity ibm CWE-200	5.0
2018-07-06	CVE-2017-1248	Code Injection vulnerability in IBM products IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. network ibm CWE-94	4.3