Vulnerabilities > IBM > Smartcloud Analytics LOG Analysis > 1.3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-10 | CVE-2019-4244 | Missing Authentication for Critical Function vulnerability in IBM Smartcloud Analytics LOG Analysis IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to gain unauthorized information and unrestricted control over Zookeeper installations due to missing authentication. | 6.4 |
| 2019-11-22 | CVE-2019-4243 | Unspecified vulnerability in IBM Smartcloud Analytics LOG Analysis IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized disclosure of information like accessing solrconfig.xml and could allow an attacker to perform disruptive administrator tasks. | 3.6 |
| 2019-11-22 | CVE-2019-4216 | Injection vulnerability in IBM Smartcloud Analytics LOG Analysis IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. | 4.9 |
| 2019-11-22 | CVE-2019-4215 | Improper Input Validation vulnerability in IBM Smartcloud Analytics LOG Analysis IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote attacker to hijack the clicking action of the victim. | 4.3 |
| 2019-11-22 | CVE-2019-4214 | Missing Encryption of Sensitive Data vulnerability in IBM Smartcloud Analytics LOG Analysis IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |