Vulnerabilities > IBM > Tivoli Application Dependency Discovery Manager
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-14 | CVE-2016-8926 | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. | 4.0 |
2017-04-14 | CVE-2016-8925 | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. | 6.8 |
2014-10-31 | CVE-2014-6150 | Cross-Site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2014-10-31 | CVE-2014-6148 | Improper Authentication vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL. | 3.5 |
2014-10-29 | CVE-2014-6149 | Path Traversal vulnerability in IBM Tivoli Application Dependency Discovery Manager Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors. | 5.0 |
2014-07-01 | CVE-2013-3004 | Path Traversal vulnerability in IBM Tivoli Application Dependency Discovery Manager Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitrary files via unspecified vectors. | 3.5 |
2014-01-29 | CVE-2013-2974 | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Application Dependency Discovery Manager The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection attacks, via crafted parameters to the BIRT reporting URL. | 7.5 |
2013-03-06 | CVE-2012-5942 | Cross-Site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager 7.2.0.0/7.2.1/7.2.1.3 Cross-site scripting (XSS) vulnerability in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors. | 3.5 |
2013-03-06 | CVE-2012-5939 | Cross-Site Scripting vulnerability in IBM Tivoli Application Dependency Discovery Manager 7.2.0.0/7.2.1/7.2.1.3 Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 3.5 |
2013-03-06 | CVE-2012-5770 | Configuration vulnerability in IBM Tivoli Application Dependency Discovery Manager 7.2.0.0/7.2.1/7.2.1.3 The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic via a brute-force attack. | 5.8 |