Vulnerabilities > IBM > Tivoli Application Dependency Discovery Manager > 7.2.1.3

DATE	CVE	VULNERABILITY TITLE	RISK
2013-03-06	CVE-2012-5939	Cross-Site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager 7.2.0.0/7.2.1/7.2.1.3 Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. network ibm CWE-79	3.5
2013-03-06	CVE-2012-5770	Configuration vulnerability in IBM Tivoli Application Dependency Discovery Manager 7.2.0.0/7.2.1/7.2.1.3 The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic via a brute-force attack. network ibm CWE-16	5.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.