Vulnerabilities > IBM > Tivoli Netcool Impact

DATE CVE VULNERABILITY TITLE RISK
2021-07-12 CVE-2021-29794 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Tivoli Netcool/Impact 7.1.0.20/7.1.0.21
IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which enables weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
5.0
5.0
2020-12-15 CVE-2020-4849 Open Redirect vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw.
network
ibm CWE-601
5.8
5.8
2020-03-31 CVE-2020-4239 Information Exposure vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-200
5.0
5.0
2020-03-31 CVE-2020-4238 Cross-Site Request Forgery (CSRF) vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm CWE-352
6.8
6.8
2020-03-31 CVE-2020-4237 Cross-Site Request Forgery (CSRF) vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm CWE-352
6.8
6.8
2020-03-31 CVE-2020-4236 Improper Input Validation vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module.
network
low complexity
ibm CWE-20
4.0
4.0
2020-03-31 CVE-2020-4235 Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2020-03-24 CVE-2019-4681 Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. 		4.3
4.3
2019-11-22 CVE-2019-4570 Information Exposure Through an Error Message vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data.
network
low complexity
ibm CWE-209
5.0
5.0
2019-11-22 CVE-2019-4569 Cross-site Scripting vulnerability in IBM Tivoli Netcool/Impact
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5