Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-01 | CVE-2016-6085 | Improper Access Control vulnerability in IBM Bigfix Platform IBM BigFix Platform could allow an attacker on the local network to crash the BES and relay servers. | 6.5 |
2017-02-01 | CVE-2016-6084 | Improper Input Validation vulnerability in IBM Bigfix Platform 9.0/9.1 IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request. | 6.5 |
2017-02-01 | CVE-2016-6080 | Information Exposure vulnerability in IBM Websphere Message Broker 8.0 The WebAdmin context for WebSphere Message Broker allows directory listings which could disclose sensitive information to the attacker. | 5.3 |
2017-02-01 | CVE-2016-6072 | Cross-site Scripting vulnerability in IBM products IBM Maximo Asset Management is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-6061 | Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management IBM Jazz Foundation is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-6054 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Foundation is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-6047 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service 6.0.2 IBM Jazz Reporting Service (JRS) is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-6046 | Cross-site Scripting vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager Operations Center is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-6044 | Improper Access Control vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager Operations Center could allow an authenticated attacker to enable or disable the application's REST API, which may let the attacker violate security policy. | 4.3 |
2017-02-01 | CVE-2016-6040 | Session Fixation vulnerability in IBM Rational Collaborative Lifecycle Management IBM Jazz Foundation could allow an authenticated user to take over a previously logged in user due to session expiration not being enforced. | 5.0 |