Vulnerabilities > IBM > Tivoli Monitoring > 6.2.2.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-12-13 | CVE-2017-1635 | Use After Free vulnerability in IBM Tivoli Monitoring IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. | 8.0 |
2017-07-17 | CVE-2017-1183 | SQL Injection vulnerability in IBM Tivoli Monitoring 6.2.2.9/6.2.3.5/6.3.0.7 IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. | 7.5 |
2017-07-17 | CVE-2017-1182 | Unspecified vulnerability in IBM Tivoli Monitoring 6.2.2.9/6.2.3.5/6.3.0.7 IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. high complexity ibm | 7.5 |
2017-07-17 | CVE-2017-1181 | Cleartext Transmission of Sensitive Information vulnerability in IBM Tivoli Monitoring 6.2.2.9/6.2.3.5/6.3.0.7 IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. | 7.0 |
2017-06-27 | CVE-2016-6083 | Information Exposure vulnerability in IBM Tivoli Monitoring IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. | 5.3 |
2017-03-08 | CVE-2016-5933 | 7PK - Security Features vulnerability in IBM Tivoli Monitoring IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. | 4.6 |
2016-12-01 | CVE-2016-2946 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Tivoli Monitoring Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors. | 7.8 |
2016-03-12 | CVE-2015-7411 | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Monitoring The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors. | 9.9 |