Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-07-06 CVE-2017-1236 Improper Input Validation vulnerability in IBM Websphere MQ 9.0.2
IBM WebSphere MQ 9.0.2 could allow an authenticated user to potentially cause a denial of service by saving an incorrect channel status inquiry.
network
low complexity
ibm CWE-20
6.5
2017-07-05 CVE-2017-1157 Information Exposure vulnerability in IBM Jazz Reporting Service 5.0/6.0
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 could allow an authenticated attacker to access report data that should be restricted to authorized users.
network
low complexity
ibm CWE-200
4.3
2017-07-05 CVE-2017-1096 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2016-9989 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2016-9988 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2016-9987 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2016-9986 Cross-site Scripting vulnerability in IBM Jazz Reporting Service
IBM Jazz Foundation Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2016-9700 Information Exposure vulnerability in IBM products
IBM Jazz Foundation could allow an authenticated attacker to obtain sensitive information from error message stack traces.
network
low complexity
ibm CWE-200
4.3
2017-07-05 CVE-2017-1208 Cross-site Scripting vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.1, 7.5, and 7.6 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-07-05 CVE-2017-1207 Insufficiently Protected Credentials vulnerability in IBM Integration BUS and Websphere Message Broker
IBM WebSphere Message Broker stores user credentials in plain in clear text which can be read by a local user.
local
low complexity
ibm CWE-522
5.5