CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-6148
https://notcve.org/view.php?id=CVE-2014-6148
31 Oct 2014 — IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL. IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 hasta 7.2.0.10, 7.2.1.0 hasta 7.2.1.6, y 7.2.2.0 hasta 7.2.2.2 no requiere la autenticación TADDM para las descargas rptdesign, lo que permite... • http://secunia.com/advisories/61785 • CWE-287: Improper Authentication •
CVSS: 5.4EPSS: 0%CPEs: 10EXPL: 0CVE-2014-6150
https://notcve.org/view.php?id=CVE-2014-6150
31 Oct 2014 — Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Vulnerabilidad de XSS en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 hasta 7.2.1.6 y 7.2.2.0 hasta 7.2.2.2 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de una URL manipulada. • http://secunia.com/advisories/61785 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2014-6149
https://notcve.org/view.php?id=CVE-2014-6149
29 Oct 2014 — Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en BIRT-viewer en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 hasta 7.2.0.10, 7.2.1.0 hasta 7.2.1.6, y 7.2.2.0 hasta 7.2.2.2 permite a usuarios remotos autenticados leer ficher... • http://www-01.ibm.com/support/docview.wss?uid=swg21688296 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-3004
https://notcve.org/view.php?id=CVE-2013-3004
01 Jul 2014 — Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en BIRT-Report Viewer en IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x y 7.2.x anterior a 7.2.1.5 permite a usuarios remotos autenticados leer ficheros arbitrarios a través de vectores no especificados a través de vectore... • http://www-01.ibm.com/support/docview.wss?uid=swg21672395 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •