Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm license metric tool vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-4929
IBM License Metric Tool 9 prior to 9.2.1.0 and Endpoint Manager for Software Use Analysis 9 prior to 9.2.1.0 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via a REST API request.
Ibm License Metric Tool 9.2.0
Ibm License Metric Tool 9.1.0.2
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.1.0.1
Ibm License Metric Tool 9.0.1
NA
CVE-2014-4776
IBM License Metric Tool 9 prior to 9.1.0.2 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.0.1
Ibm License Metric Tool 9.1.0.1
NA
CVE-2014-4774
Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 prior to 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 prior to 9.1.0.2 allows remote malicious users to hijack the authentication of arbitrary users via vectors involving a ...
Ibm License Metric Tool 9.0.1
Ibm Endpoint Manager Family 9.0.1
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.1.0.1
Ibm Endpoint Manager Family 9.1.0
NA
CVE-2014-4778
IBM License Metric Tool 9 prior to 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 prior to 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote malicious users to conduct clickjacking attacks via vectors invo...
Ibm Endpoint Manager Family 9.0.1
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.0.1
Ibm License Metric Tool 9.1.0.1
Ibm Endpoint Manager Family 9.1.0
NA
CVE-2014-8927
Common Inventory Technology (CIT) prior to 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote malicious users to cause a denial of service (CPU consumption or...
Ibm Endpoint Manager Family 9.0
Ibm Tivoli Asset Discovery For Distributed 7.5
Ibm License Metric Tool 7.2.2
Ibm License Metric Tool 7.5
Ibm License Metric Tool 9.0
Ibm Tivoli Asset Discovery For Distributed 7.2.2.0
NA
CVE-2014-8926
Common Inventory Technology (CIT) prior to 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote malicious users to cause a denial of service (CPU consumption or...
Ibm Endpoint Manager Family 9.0
Ibm Tivoli Asset Discovery For Distributed 7.5
Ibm License Metric Tool 7.2.2
Ibm License Metric Tool 7.5
Ibm License Metric Tool 9.0.1
Ibm Tivoli Asset Discovery For Distributed 7.2.2.0
7.5
CVSSv3
CVE-2023-43044
IBM License Metric Tool 9.2 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 266893.
Ibm License Metric Tool
9.8
CVSSv3
CVE-2016-8964
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 118853.
Ibm License Metric Tool
Ibm Bigfix Inventory
NA
CVE-2014-8924
The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5 before IF24 and Tivoli Asset Discovery for Distributed 7.2.2 before IF15 and 7.5 before IF24 allows remote malicious users to read arbitrary files or send TCP requests to intranet servers via XML data containing an e...
Ibm License Metric Tool 7.2.2
Ibm License Metric Tool 7.5
Ibm Tivoli Asset Discovery For Distributed 7.2.2
Ibm Tivoli Asset Discovery For Distributed 7.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started