Page 2 of 23 results (0.002 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

IBM Integration Bus 9.0.0.0, 9.0.0.11, 10.0.0.0, and 10.0.0.14 (including IBM WebSphere Message Broker 8.0.0.0 and 8.0.0.9) has insecure permissions on certain files. A local attacker could exploit this vulnerability to modify or delete these files with an unknown impact. IBM X-Force ID: 127406. La versiones 9.0.0.0, 9.0.0.11, 10.0.0.0 y 10.0.0.14 de IBM Integration Bus (inclusivas las 8.0.0.0 y 8.0.0.9 de WebSphere Message Broker) tienen permisos inseguros en determinados archivos. Un atacante local podría explotar esta vulnerabilidad para modificar o borrar dichos archivos con un impacto desconocido. • http://www.ibm.com/support/docview.wss?uid=ibm10735181 https://exchange.xforce.ibmcloud.com/vulnerabilities/127406 • CWE-275: Permission Issues •

CVSS: 6.8EPSS: 0%CPEs: 20EXPL: 0

IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to hijack another users session during a small timeframe before the session times out. IBM X-Force ID: 134164. IBM Integration Bus 9.0 y 10.0 podría permitir que un atacante que haya capturado un id de sesión válido secuestre la sesión de otro usuario durante una pequeña franja de tiempo antes de que la sesión expire. IBM X-Force ID: 134164. • http://www.ibm.com/support/docview.wss?uid=swg22012642 http://www.securityfocus.com/bid/102760 https://exchange.xforce.ibmcloud.com/vulnerabilities/134164 • CWE-613: Insufficient Session Expiration •

CVSS: 8.1EPSS: 0%CPEs: 20EXPL: 0

IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. IBM X-Force ID: 134165. IBM Integration Bus 9.0 y 10.0 transmite credenciales de usuario en texto claro y plano que podrían ser leídas por un atacante que utilice técnicas Man-in-the-Middle (MitM). IBM X-Force ID: 134165. • http://www.ibm.com/support/docview.wss?uid=swg22011695 http://www.securityfocus.com/bid/102215 https://exchange.xforce.ibmcloud.com/vulnerabilities/134165 • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 5.3EPSS: 0%CPEs: 27EXPL: 0

IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could allow an unauthorized user to obtain sensitive information about software versions that could lead to further attacks. IBM X-Force ID: 121341. IBM WebSphere Message Broker (IBM Integration Bus 9.0 y 10.0) permite que un usuario no autorizado obtenga información sensible sobre versiones de software que podría permitir que se produzcan futuros ataques. IBM X-Force ID: 121341. • http://www.ibm.com/support/docview.wss?uid=swg22008470 http://www.securityfocus.com/bid/101104 https://exchange.xforce.ibmcloud.com/vulnerabilities/121341 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 2.5EPSS: 0%CPEs: 25EXPL: 0

IBM WebSphere Message Broker could allow a local user with specialized access to prevent the message broker from starting. IBM X-Force ID: 122033. WebSphere Message Broker de IBM, podría permitir a un usuario local con acceso especializado impedir que el intermediario de mensajes se inicie. ID de IBM X-Force: 122033. • http://www.ibm.com/support/docview.wss?uid=swg22005383 http://www.securityfocus.com/bid/99365 https://exchange.xforce.ibmcloud.com/vulnerabilities/122033 • CWE-426: Untrusted Search Path •