Vulnerabilities > IBM > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-02-08 CVE-2016-0210 Information Exposure vulnerability in IBM Sterling B2B Integrator 5.1/5.2
IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information.
network
low complexity
ibm CWE-200
5.3
2017-02-08 CVE-2016-0203 Information Exposure vulnerability in IBM Cloud Orchestrator and Smartcloud Orchestrator
A vulnerability has been identified in the IBM Cloud Orchestrator task API.
local
low complexity
ibm CWE-200
5.5
2017-02-08 CVE-2015-7493 Information Exposure vulnerability in IBM Infosphere Information Server
IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information.
local
high complexity
ibm CWE-200
4.7
2017-02-08 CVE-2015-7418 Information Exposure vulnerability in IBM Websphere Extreme Scale
IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance allow some sensitive data to linger in memory instead of being overwritten which could allow a local user with administrator privileges to obtain sensitive information.
local
low complexity
ibm CWE-200
4.4
2017-02-08 CVE-2015-1976 Improper Access Control vulnerability in IBM Security Directory Server and Tivoli Directory Server
IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash.
local
low complexity
ibm CWE-284
5.5
2017-02-08 CVE-2017-1128 Cross-site Scripting vulnerability in IBM products
IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-08 CVE-2017-1127 Cross-site Scripting vulnerability in IBM products
IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-08 CVE-2016-9748 Information Exposure vulnerability in IBM products
IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system.
network
low complexity
ibm CWE-200
4.3
2017-02-08 CVE-2016-6032 Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management
IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2017-02-08 CVE-2016-2866 Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management
An unspecified vulnerability in IBM Jazz Team Server may disclose some deployment information to an authenticated user.
network
low complexity
ibm CWE-200
4.3