Vulnerabilities > IBM > Security Siteprotector System > 3.1.1.0

DATE CVE VULNERABILITY TITLE RISK
2021-11-12 CVE-2020-4140 Cross-site Scripting vulnerability in IBM Security Siteprotector System 3.1.1.0
IBM Security SiteProtector System 3.1.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-11-12 CVE-2020-4146 Incorrect Permission Assignment for Critical Resource vulnerability in IBM Security Siteprotector System 3.1.1.0
IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag.
network
low complexity
ibm CWE-732
5.3
5.3
2018-04-10 CVE-2015-0172 Information Exposure vulnerability in IBM Security Siteprotector System 3.0/3.1.0.0/3.1.1.0
IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote attackers to bypass intended security restrictions and consequently execute unspecified commands and obtain sensitive information via unknown vectors.
network
low complexity
ibm CWE-200
7.5
7.5
2017-09-20 CVE-2015-0162 Permissions, Privileges, and Access Controls vulnerability in IBM Security Siteprotector System 3.0/3.1.0.0/3.1.1.0
IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges.
local
high complexity
ibm CWE-264
7.0
7.0