Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2016-8966 | Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 4.3 |
| 2017-02-01 | CVE-2016-8961 | Open Redirect vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.8 |
| 2017-02-01 | CVE-2016-8941 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Tivoli Storage Productivity Center is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
| 2017-02-01 | CVE-2016-8936 | Cross-site Scripting vulnerability in IBM Social Rendering Templates for Digital Data Connector 1.0 IBM Social Rendering Templates for Digital Data Connector is vulnerable to cross-site scripting. | 4.3 |
| 2017-02-01 | CVE-2016-8922 | Cross-site Scripting vulnerability in IBM products Exphox WebRadar is vulnerable to cross-site scripting. | 4.3 |
| 2017-02-01 | CVE-2016-8921 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Filenet Workplace XT 1.1.5 IBM FileNet WorkPlace XT could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. | 6.5 |
| 2017-02-01 | CVE-2016-8918 | Credentials Management vulnerability in IBM Integration BUS 10.0 IBM Integration Bus, under non default configurations, could allow a remote user to authenticate without providing valid credentials. | 4.3 |
| 2017-02-01 | CVE-2016-8913 | Path Traversal vulnerability in IBM Kenexa LMS ON Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. | 4.0 |
| 2017-02-01 | CVE-2016-8912 | Information Exposure Through Log Files vulnerability in IBM Kenexa LMS ON Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log files that could be read by an authenticated user. | 4.0 |
| 2017-02-01 | CVE-2016-6126 | Path Traversal vulnerability in IBM Kenexa LMS ON Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. | 4.0 |