3 results (0.013 seconds)

CVSS: 2.1EPSS: 0%CPEs: 6EXPL: 0

IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, 1.3.1.0, and 1.3.2.0 allows local users to obtain sensitive information, and consequently gain privileges or conduct impersonation attacks, via unspecified vectors. IBM Flex System Manager (FSM) 1.1.x.x, 1.2.0.x, 1.2.1.x, 1.3.0.0, 1.3.1.0, y 1.3.2.0 permite a usuarios locales obtener información sensible, y como consecuencia ganar privilegios o realizar ataques de la suplantación de identidad, a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1IT05310 http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5097120 https://exchange.xforce.ibmcloud.com/vulnerabilities/96917 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

IBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows remote attackers to enumerate user accounts via unspecified vectors. IBM Flex System Manager (FSM) 1.1 hasta 1.3 anterior a 1.3.2.0 permite a atacantes remotos enumerar cuentas de usuarios a través de vectores no especificados. • http://secunia.com/advisories/58948 http://www-01.ibm.com/support/docview.wss?uid=swg1IT00278 http://www.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5095891 http://www.securityfocus.com/bid/68370 https://exchange.xforce.ibmcloud.com/vulnerabilities/87485 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in the web server in IBM Flex System Manager (FSM) 1.1.0 through 1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-site scripting (XSS) en el servidor web de IBM Flex System Manager (FSM) 1.1.0 hasta 1.3 permite a atacantes remotos inyectar script web o HTML de forma arbitraria a través de vectores no especificados. • http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_flex_system_manager_web_server_allows_generic_xss_cve_2013_5438 http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5094212 https://exchange.xforce.ibmcloud.com/vulnerabilities/87753 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •