Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-08 | CVE-2015-7494 | Improper Access Control vulnerability in IBM Cloud Orchestrator and Smartcloud Orchestrator A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. | 2.8 |
| 2017-02-03 | CVE-2016-9085 | Integer Overflow or Wraparound vulnerability in multiple products Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors. | 3.3 |
| 2017-02-03 | CVE-2016-8217 | Information Exposure vulnerability in Dell Bsafe Crypto-J EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. | 3.7 |
| 2017-02-01 | CVE-2016-9703 | Session Fixation vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information. | 2.4 |
| 2017-02-01 | CVE-2016-6001 | Server-Side Request Forgery (SSRF) vulnerability in IBM Forms Experience Builder 8.5/8.5.1/8.6.0 IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from the application design interface allowing for some information disclosure of internal resources. | 3.1 |
| 2017-02-01 | CVE-2016-5953 | Information Exposure vulnerability in IBM Sterling Selling and Fulfillment Foundation IBM Sterling Order Management transmits the session identifier within the URL. | 3.7 |
| 2017-02-01 | CVE-2016-5938 | Information Exposure vulnerability in IBM Kenexa LMS IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2017-02-01 | CVE-2016-8942 | Improper Access Control vulnerability in IBM products IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge of the system to edit a limited set of properties on the server. | 3.1 |
| 2017-02-01 | CVE-2016-3046 | SQL Injection vulnerability in IBM products IBM Security Access Manager for Web is vulnerable to SQL injection. | 2.7 |
| 2017-02-01 | CVE-2016-3045 | Information Exposure vulnerability in IBM products IBM Security Access Manager for Web stores sensitive information in URL parameters. | 3.7 |