Vulnerabilities > IBM > Tivoli Netcool Impact
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-12 | CVE-2021-29794 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Tivoli Netcool/Impact 7.1.0.20/7.1.0.21 IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which enables weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2020-12-15 | CVE-2020-4849 | Open Redirect vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. | 6.1 |
| 2020-03-31 | CVE-2020-4239 | Information Exposure Through an Error Message vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
| 2020-03-31 | CVE-2020-4238 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2020-03-31 | CVE-2020-4237 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2020-03-31 | CVE-2020-4236 | Unspecified vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module. | 6.5 |
| 2020-03-31 | CVE-2020-4235 | Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. | 5.4 |
| 2020-03-24 | CVE-2019-4681 | Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. | 6.1 |
| 2019-11-22 | CVE-2019-4570 | Information Exposure Through an Error Message vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. | 5.3 |
| 2019-11-22 | CVE-2019-4569 | Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. | 5.4 |