CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-3017
https://notcve.org/view.php?id=CVE-2013-3017
IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. IBM X-Force ID: 84353. IBM Tivoli Application Dependency Discovery Manager (TADDM) en versiones anteriores a la 7.2.1.5 y 7.2.x anteriores a la 7.2.2 facilita que los atacantes remotos sorteen los mecanismo de protección criptográfica aprovechando que soporta cifrados SSL débiles. IBM X-Force ID: 84353. • https://exchange.xforce.ibmcloud.com/vulnerabilities/84353 https://www.ibm.com/blogs/psirt/ibm-security-bulletin-taddm-reject-weak-and-medium-ciphers-on-taddm-ports • CWE-310: Cryptographic Issues •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2013-3023
https://notcve.org/view.php?id=CVE-2013-3023
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361. IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 y de la versión 7.2.0 a la 7.2.1.4 podría permitir que atacantes remotos obtengan información sensible sobre credenciales Tomcat rastreando la web en busca de una sesión en la que se emplee HTTP. IBM X-Force ID: 84361. • http://www-01.ibm.com/support/docview.wss?uid=swg21672388 https://exchange.xforce.ibmcloud.com/vulnerabilities/84361 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2013-3018
https://notcve.org/view.php?id=CVE-2013-3018
The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354. La aplicación web AXIS en deploy-tomcat/axis en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 y de la versión 7.2.0 a la 7.2.1.4 permite que atacantes remotos obtengan información sensible de configuración mediante una petición directa, tal y como queda demostrado con happyaxis.jsp. IBM X-Force ID: 84354. • http://www-01.ibm.com/support/docview.wss?uid=swg21672403 https://exchange.xforce.ibmcloud.com/vulnerabilities/84354 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-4040
https://notcve.org/view.php?id=CVE-2013-4040
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176. IBM Tivoli Application Dependency Discovery Manager (TADDM) en versiones 7.1.2.x anteriores a la 7.2.1.5 y versiones 7.2.x anteriores a la 7.2.2.0 en Unix emplea permisos débiles (755) para archivos de configuración y de registro sin especificar, lo que permite que usuarios locales obtengan información sensible leyendo los archivos. IBM X-Force ID: 86176. • https://exchange.xforce.ibmcloud.com/vulnerabilities/86176 https://www-01.ibm.com/support/docview.wss?uid=swg21672253 • CWE-275: Permission Issues •
CVSS: 3.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-3004
https://notcve.org/view.php?id=CVE-2013-3004
Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en BIRT-Report Viewer en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x y 7.2.x anterior a 7.2.1.5 permite a usuarios remotos autenticados leer ficheros arbitrarios a través de vectores no especificados a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21672395 http://www.securityfocus.com/bid/68452 https://exchange.xforce.ibmcloud.com/vulnerabilities/84145 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •