NotCVE - vendor:"Ibm" product:"Bigfix Platform"

Page 6 of 44 results (0.003 seconds)

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2017-1230

https://notcve.org/view.php?id=CVE-2017-1230

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. This weakness may allow attackers to expose sensitive information by guessing tokens or identifiers. IBM X-Force ID: 123909. IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 y 9.5) emplea números o valores aleatorios insuficientes en un contexto de seguridad que depende de números impredecibles. Esta debilidad podría permitir que atacantes expongan información sensible adivinando tokens o identificadores. • http://www.ibm.com/support/docview.wss?uid=swg22009673 http://www.securityfocus.com/bid/101571 https://exchange.xforce.ibmcloud.com/vulnerabilities/123909 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2017-1228

https://notcve.org/view.php?id=CVE-2017-1228

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable the secure cookie attribute. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 123907. IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 y 9.5) podría permitir que un atacante remoto obtenga información sensible, debido a que no se habilita correctamente el atributo de cookie "secure". Un atacante podría explotar esta vulnerabilidad para obtener información sensible empleando técnicas Man-in-the-Middle (MitM). • http://www.ibm.com/support/docview.wss?uid=swg22009673 http://www.securityfocus.com/bid/101571 https://exchange.xforce.ibmcloud.com/vulnerabilities/123907 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2017-1521

https://notcve.org/view.php?id=CVE-2017-1521

IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications (IBM BigFix Platform 9.2 and 9.5) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 129831. IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications (IBM BigFix Platform 9.2 y 9.5) es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades planeadas. • http://www.ibm.com/support/docview.wss?uid=swg22009673 http://www.securityfocus.com/bid/101571 https://exchange.xforce.ibmcloud.com/vulnerabilities/129831 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2017-1226

https://notcve.org/view.php?id=CVE-2017-1226

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) generates an error message in error logs that includes sensitive information about its environment which could be used in further attacks against the system. IBM X-Force ID: 123905. IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 y 9.5) genera un mensaje de error en registros de error que incluye información sensible sobre su entorno que podría emplearse en más ataques contra el sistema. IBM X-Force ID: 123905. • http://www.ibm.com/support/docview.wss?uid=swg22009673 http://www.securityfocus.com/bid/101571 https://exchange.xforce.ibmcloud.com/vulnerabilities/123905 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2017-1227

https://notcve.org/view.php?id=CVE-2017-1227

IBM Tivoli Endpoint Manager could allow a unauthorized user to consume all resources and crash the system. IBM X-Force ID: 123906. IBM Tivoli Endpoint Manager podría permitir a un usuario no autorizado consumir todos los recursos y bloquear el sistema. ID de IBM X-Force: 123906. • http://www.ibm.com/support/docview.wss?uid=swg22003222 https://exchange.xforce.ibmcloud.com/vulnerabilities/123906 • CWE-770: Allocation of Resources Without Limits or Throttling •

1...4 5 6 7 8