Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-22 | CVE-2017-1159 | Open Redirect vulnerability in IBM Business Process Manager IBM Business Process Manager 8.0 and 8.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 5.4 |
| 2017-05-15 | CVE-2016-9750 | Credentials Management vulnerability in IBM Qradar Security Information and Event Manager 7.2.0/7.3.0 IBM QRadar 7.2 and 7.3 stores user credentials in plain in clear text which can be read by an authenticated user. | 6.5 |
| 2017-05-15 | CVE-2016-9735 | Information Exposure vulnerability in IBM products IBM Jazz Foundation could allow an authenticated user to obtain sensitive information from stack traces. | 4.3 |
| 2017-05-10 | CVE-2016-6037 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Team Concert (RTC) is vulnerable to HTML injection. | 4.8 |
| 2017-05-10 | CVE-2016-6035 | Cross-site Scripting vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Rational Quality Manager is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-10 | CVE-2016-5888 | Cross-site Scripting vulnerability in IBM Interact IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-10 | CVE-2016-3032 | Cross-site Scripting vulnerability in IBM Cognos Analytics IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-05-05 | CVE-2016-8916 | Information Exposure vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. | 5.5 |
| 2017-05-05 | CVE-2016-0255 | Cross-site Scripting vulnerability in IBM Marketing Platform IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. | 6.1 |
| 2017-05-03 | CVE-2016-0382 | Information Exposure vulnerability in IBM Tealeaf Consumer Experience The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as IIS. | 4.0 |