CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 0CVE-2016-8925
https://notcve.org/view.php?id=CVE-2016-8925
IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. IBM X-Force ID: 118538. IBM Tivoli Application Dependency Discovery Manager 7.2.2 y 7.3 podrían permitir a un atacante remoto incluir archivos arbitrarios que podrían permitir al atacante leer cualquier archivo del sistema. IBM X-Force ID: 118538. • http://www.ibm.com/support/docview.wss?uid=swg22001579&myns=swgtiv&mynp=OCSSPLFC&mync=E&cm_sp=swgtiv-_-OCSSPLFC-_-E http://www.securityfocus.com/bid/97625 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 12EXPL: 0CVE-2016-8926
https://notcve.org/view.php?id=CVE-2016-8926
IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. IBM X-Force ID: 118539. IBM Tivoli Application Dependency Discovery Manager 7.2.2 y 7.3 podría permitir a un atacante remoto leer archivos del sistema o datos que estén restringidos a usuarios autorizados. IBM X-Force ID: 118539. • http://www.ibm.com/support/docview.wss?uid=swg22001579&myns=swgtiv&mynp=OCSSPLFC&mync=E&cm_sp=swgtiv-_-OCSSPLFC-_-E • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-6148
https://notcve.org/view.php?id=CVE-2014-6148
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL. IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 hasta 7.2.0.10, 7.2.1.0 hasta 7.2.1.6, y 7.2.2.0 hasta 7.2.2.2 no requiere la autenticación TADDM para las descargas rptdesign, lo que permite a usuarios remotos autenticados obtener información sensible de la base de datos a través de una URL manipulada. • http://secunia.com/advisories/61785 http://www-01.ibm.com/support/docview.wss?uid=swg21688549 http://www.securityfocus.com/bid/70842 https://exchange.xforce.ibmcloud.com/vulnerabilities/96918 • CWE-287: Improper Authentication •
CVSS: 3.5EPSS: 0%CPEs: 10EXPL: 0CVE-2014-6150
https://notcve.org/view.php?id=CVE-2014-6150
Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 hasta 7.2.1.6 y 7.2.2.0 hasta 7.2.2.2 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada. • http://secunia.com/advisories/61785 http://www-01.ibm.com/support/docview.wss?uid=swg21688424 https://exchange.xforce.ibmcloud.com/vulnerabilities/96920 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0CVE-2014-6149
https://notcve.org/view.php?id=CVE-2014-6149
Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en BIRT-viewer en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 hasta 7.2.0.10, 7.2.1.0 hasta 7.2.1.6, y 7.2.2.0 hasta 7.2.2.2 permite a usuarios remotos autenticados leer ficheros arbitrarios a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21688296 http://www.securityfocus.com/bid/70805 https://exchange.xforce.ibmcloud.com/vulnerabilities/96919 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •