NotCVE - vendor:"IBM" product:"Jazz For Service Management" version:" >= 1.1.3.0 <= 1.1.3.22"

Page 2 of 22 results (0.009 seconds)

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-29815

https://notcve.org/view.php?id=CVE-2021-29815

23 Sep 2021 — IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204340. IBM Jazz for Service Management versión 1.1.3.10 e IBM Tivoli Netcool/OMNIbus_GUI, son vulnerables a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/204340 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-29814

https://notcve.org/view.php?id=CVE-2021-29814

23 Sep 2021 — IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204334. IBM Jazz for Service Management versión 1.1.3.10 e IBM Tivoli Netcool/OMNIbus_GUI, son vulnerables a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/204334 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-29813

https://notcve.org/view.php?id=CVE-2021-29813

23 Sep 2021 — IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204331. IBM Jazz for Service Management versión 1.1.3.10 e IBM Tivoli Netcool/OMNIbus_GUI, son vulnerables a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/204331 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-29812

https://notcve.org/view.php?id=CVE-2021-29812

23 Sep 2021 — IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204330. IBM Jazz for Service Management versión 1.1.3.10 e IBM Tivoli Netcool/OMNIbus_GUI, son vulnerables a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/204330 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-29810

https://notcve.org/view.php?id=CVE-2021-29810

23 Sep 2021 — IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204279. IBM Jazz for Service Management versión 1.1.3.10 e IBM Tivoli Netcool/OMNIbus_GUI, son vulnerables a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/204279 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-29800

https://notcve.org/view.php?id=CVE-2021-29800

23 Sep 2021 — IBM Tivoli Netcool/OMNIbus_GUI and IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Tivoli Netcool/OMNIbus_GUI e IBM Jazz for Service Management versión 1.1.3.10, son vulnerables a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad permite a usuarios inser... • https://exchange.xforce.ibmcloud.com/vulnerabilities/203906 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-29831

https://notcve.org/view.php?id=CVE-2021-29831

21 Sep 2021 — IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 204775. IBM Jazz for Service Management versión 1.1.3.10 e IBM Tivoli Netcool/OMNIbus_GUI son vulnerables a un ataque de tipo XML External Entity Injection (XXE) cuando son procesados datos XML. Un atacante remoto podrí... • https://exchange.xforce.ibmcloud.com/vulnerabilities/204775 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-4718

https://notcve.org/view.php?id=CVE-2019-4718

23 Mar 2020 — IBM Jazz for Service Management 3.13 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172123. IBM Jazz for Service Management versión 3.13, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfaz de Usuario Web, alterand... • https://exchange.xforce.ibmcloud.com/vulnerabilities/172123 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-4275

https://notcve.org/view.php?id=CVE-2019-4275

02 Aug 2019 — IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow an unauthorized local user to create unique catalog names that could cause a denial of service. IBM X-Force ID: 160296. Jazz for Service Management de IBM versiones 1.1.3, 1.1.3.1 y 1.1.3.2, podría permitir a un usuario local no autorizado crear nombres de catálogo únicos que podrían causar una denegación de servicio. ID de IBM X-Force: 160296. • http://www.ibm.com/support/docview.wss?uid=ibm10959011 •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-4194

https://notcve.org/view.php?id=CVE-2019-4194

17 Jul 2019 — IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 is missing function level access control that could allow a user to delete authorized resources. IBM X-Force ID: 159033. IBM Jazz for Service Management versiones 1.1.3, 1.1.3.1, y 1.1.3.2 falta el control de acceso a nivel de función que podría permitir a un usuario eliminar recursos autorizados. ID de IBM X-Force: 159033. • http://www.ibm.com/support/docview.wss?uid=ibm10885989 •

1 2 3