Vulnerabilities > IBM > Tivoli Application Dependency Discovery Manager > 7.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-09 | CVE-2013-3017 | Cryptographic Issues vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. | 5.0 |
| 2018-05-24 | CVE-2013-3023 | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. | 4.3 |
| 2018-05-24 | CVE-2013-3018 | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. | 5.0 |
| 2018-05-01 | CVE-2013-4040 | Permission Issues vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. | 2.1 |
| 2014-10-31 | CVE-2014-6150 | Cross-Site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
| 2014-10-31 | CVE-2014-6148 | Improper Authentication vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL. | 3.5 |
| 2014-10-29 | CVE-2014-6149 | Path Traversal vulnerability in IBM Tivoli Application Dependency Discovery Manager Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors. | 5.0 |
| 2014-07-01 | CVE-2013-3004 | Path Traversal vulnerability in IBM Tivoli Application Dependency Discovery Manager Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitrary files via unspecified vectors. | 3.5 |
| 2013-03-06 | CVE-2012-5942 | Cross-Site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager 7.2.0.0/7.2.1/7.2.1.3 Cross-site scripting (XSS) vulnerability in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors. | 3.5 |
| 2013-03-06 | CVE-2012-5939 | Cross-Site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager 7.2.0.0/7.2.1/7.2.1.3 Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |