Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-15 | CVE-2016-6060 | Information Exposure vulnerability in IBM products An undisclosed vulnerability in IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 could allow a JazzGuest user to see project names. | 4.0 |
| 2017-02-15 | CVE-2016-6033 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
| 2017-02-08 | CVE-2016-5934 | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Storage Manager Fastback IBM Tivoli Storage Manager FastBack installer could allow a remote attacker to execute arbitrary code on the system. | 6.9 |
| 2017-02-08 | CVE-2016-5902 | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management is vulnerable to cross-site scripting. | 4.3 |
| 2017-02-08 | CVE-2016-5900 | Information Exposure vulnerability in IBM Tealeaf Customer Experience ON Cloud Network Capture Add-On 16.1.01 IBM Tealeaf Customer Experience on Cloud Network Capture Add-On could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the TLS certificate. | 4.3 |
| 2017-02-08 | CVE-2016-0308 | Improper Access Control vulnerability in IBM Connections IBM Connections 5.5 and earlier is vulnerable to possible link manipulation attack that could result in the display of inappropriate background images. | 4.0 |
| 2017-02-08 | CVE-2016-0307 | Information Exposure vulnerability in IBM Connections IBM Connections 5.5 and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned responses. | 4.0 |
| 2017-02-08 | CVE-2016-0214 | Improper Access Control vulnerability in IBM Bigfix Platform IBM Tivoli Endpoint Manager could allow a remote attacker to upload arbitrary files. | 6.8 |
| 2017-02-08 | CVE-2016-0210 | Information Exposure vulnerability in IBM Sterling B2B Integrator 5.1/5.2 IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. | 5.0 |
| 2017-02-08 | CVE-2016-9748 | Information Exposure vulnerability in IBM products IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system. | 4.0 |