Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-08 | CVE-2015-1976 | Improper Access Control vulnerability in IBM Security Directory Server and Tivoli Directory Server IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash. | 5.5 |
| 2017-02-08 | CVE-2017-1128 | Cross-site Scripting vulnerability in IBM products IBM Rational DOORS Next Generation 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-08 | CVE-2017-1127 | Cross-site Scripting vulnerability in IBM products IBM Rational DOORS Next Generation 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-08 | CVE-2016-9748 | Information Exposure vulnerability in IBM products IBM Rational DOORS Next Generation 5.0 and 6.0 discloses sensitive information in error response messages that could be used for further attacks against the system. | 4.3 |
| 2017-02-08 | CVE-2016-6032 | Cross-site Scripting vulnerability in IBM Rational Collaborative Lifecycle Management IBM Rational Team Concert 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
| 2017-02-08 | CVE-2016-2866 | Information Exposure vulnerability in IBM Rational Collaborative Lifecycle Management An unspecified vulnerability in IBM Jazz Team Server may disclose some deployment information to an authenticated user. | 4.3 |
| 2017-02-08 | CVE-2015-5013 | Insufficiently Protected Credentials vulnerability in IBM products The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access. | 5.5 |
| 2017-02-08 | CVE-2017-5933 | Information Exposure vulnerability in Citrix Netscaler Application Delivery Controller Firmware Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote attackers to obtain the GCM authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270. | 5.9 |
| 2017-02-08 | CVE-2016-8492 | Information Exposure vulnerability in Fortinet Fortios The implementation of an ANSI X9.31 RNG in Fortinet FortiGate allows attackers to gain unauthorized read access to data handled by the device via IPSec/TLS decryption. | 5.9 |
| 2017-02-08 | CVE-2016-10213 | Information Exposure vulnerability in A10Networks Advanced Core Operating System 2.7.2 A10 AX1030 and possibly other devices with software before 2.7.2-P8 uses random GCM nonce generations, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270. | 5.9 |