CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-3017
https://notcve.org/view.php?id=CVE-2013-3017
09 Jul 2018 — IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. IBM X-Force ID: 84353. IBM Tivoli Application Dependency Discovery Manager (TADDM) en versiones anteriores a la 7.2.1.5 y 7.2.x anteriores a la 7.2.2 facilita que los atacantes remotos sorteen los mecanismo de protección criptográfica aprovechando que soporta cifrados SSL débiles. IBM X-... • https://exchange.xforce.ibmcloud.com/vulnerabilities/84353 • CWE-310: Cryptographic Issues •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2013-3023
https://notcve.org/view.php?id=CVE-2013-3023
24 May 2018 — IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361. IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 y de la versión 7.2.0 a la 7.2.1.4 podría permitir que atacantes remotos obtengan información sensible sobre credenciales Tomcat rastreando la web en busca de una sesión en la que se e... • http://www-01.ibm.com/support/docview.wss?uid=swg21672388 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2013-3018
https://notcve.org/view.php?id=CVE-2013-3018
24 May 2018 — The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354. La aplicación web AXIS en deploy-tomcat/axis en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 y de la versión 7.2.0 a la 7.2.1.4 permite que atacantes remotos obtengan información sensible de configuración medi... • http://www-01.ibm.com/support/docview.wss?uid=swg21672403 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-4040
https://notcve.org/view.php?id=CVE-2013-4040
01 May 2018 — IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176. IBM Tivoli Application Dependency Discovery Manager (TADDM) en versiones 7.1.2.x anteriores a la 7.2.1.5 y versiones 7.2.x anteriores a la 7.2.2.0 en Unix emplea permisos débiles (755) para archivos de configuración y de r... • https://exchange.xforce.ibmcloud.com/vulnerabilities/86176 • CWE-275: Permission Issues •
CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-6148
https://notcve.org/view.php?id=CVE-2014-6148
31 Oct 2014 — IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL. IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 hasta 7.2.0.10, 7.2.1.0 hasta 7.2.1.6, y 7.2.2.0 hasta 7.2.2.2 no requiere la autenticación TADDM para las descargas rptdesign, lo que permite... • http://secunia.com/advisories/61785 • CWE-287: Improper Authentication •
CVSS: 5.4EPSS: 0%CPEs: 10EXPL: 0CVE-2014-6150
https://notcve.org/view.php?id=CVE-2014-6150
31 Oct 2014 — Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 hasta 7.2.1.6 y 7.2.2.0 hasta 7.2.2.2 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada. • http://secunia.com/advisories/61785 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-6149
https://notcve.org/view.php?id=CVE-2014-6149
29 Oct 2014 — Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en BIRT-viewer en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 hasta 7.2.0.10, 7.2.1.0 hasta 7.2.1.6, y 7.2.2.0 hasta 7.2.2.2 permite a usuarios remotos autenticados leer ficher... • http://www-01.ibm.com/support/docview.wss?uid=swg21688296 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-3004
https://notcve.org/view.php?id=CVE-2013-3004
01 Jul 2014 — Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en BIRT-Report Viewer en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x y 7.2.x anterior a 7.2.1.5 permite a usuarios remotos autenticados leer ficheros arbitrarios a través de vectores no especificados a través de vectore... • http://www-01.ibm.com/support/docview.wss?uid=swg21672395 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2013-2974
https://notcve.org/view.php?id=CVE-2013-2974
29 Jan 2014 — The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection attacks, via crafted parameters to the BIRT reporting URL. El visor BIRT de IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x anterior a la versión 7.2.1.5 permite a usuarios remotos autenticados evadir las comproba... • http://www.ibm.com/support/docview.wss?uid=swg21662955 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2012-5770
https://notcve.org/view.php?id=CVE-2012-5770
06 Mar 2013 — The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic via a brute-force attack. La configuración SSL en IBM Tivoli Application Dependency Discovery Manager (TADDM) v7.2.x anterior a v7.2.1.4 soporta el algoritmo de HASH MD5, lo que hace sencillo para atacantes de hombre en medio (man-in-the-middle) falsificar servidores y desc... • http://www-01.ibm.com/support/docview.wss?uid=swg1IV32391 • CWE-16: Configuration •