Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-06-13 CVE-2017-1104 Cross-site Scripting vulnerability in IBM Rational Quality Manager
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-06-13 CVE-2017-1102 Cross-site Scripting vulnerability in IBM Rational Quality Manager
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-06-13 CVE-2017-1101 Cross-site Scripting vulnerability in IBM Rational Quality Manager
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-06-13 CVE-2017-1100 Cross-site Scripting vulnerability in IBM Rational Quality Manager
IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-06-13 CVE-2017-1099 Information Exposure vulnerability in IBM products
IBM Jazz Foundation could expose potentially sensitive information to authenticated users through stack trace error conditions.
network
low complexity
ibm CWE-200
4.3
4.3
2017-06-13 CVE-2016-9973 Cross-site Scripting vulnerability in IBM products
IBM Jazz Foundation is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-06-13 CVE-2016-3696 Information Exposure vulnerability in multiple products
The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users to obtain the CA key.
local
low complexity
fedoraproject pulpproject CWE-200
5.5
5.5
2017-06-13 CVE-2017-6697 Information Exposure vulnerability in Cisco Elastic Services Controller 2.2(9.76)
A vulnerability in the web interface of Cisco Elastic Services Controllers could allow an authenticated, remote attacker to access sensitive system credentials that are stored in an affected system.
network
low complexity
cisco CWE-200
6.5
6.5
2017-06-13 CVE-2017-6696 Information Exposure vulnerability in Cisco Elastic Services Controller 2.3(2)
A vulnerability in the file system of Cisco Elastic Services Controllers could allow an authenticated, local attacker to gain access to sensitive user credentials that are stored in an affected system.
local
low complexity
cisco CWE-200
5.5
5.5
2017-06-13 CVE-2017-6695 Information Exposure vulnerability in Cisco Ultra Services Platform 21.0.V0.65839
A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information.
local
low complexity
cisco CWE-200
5.5
5.5