Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm license metric tool vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2015-4929
IBM License Metric Tool 9 prior to 9.2.1.0 and Endpoint Manager for Software Use Analysis 9 prior to 9.2.1.0 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via a REST API request.
Ibm License Metric Tool 9.2.0
Ibm License Metric Tool 9.1.0.2
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.1.0.1
Ibm License Metric Tool 9.0.1
187
VMScore
CVE-2014-4776
IBM License Metric Tool 9 prior to 9.1.0.2 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.0.1
Ibm License Metric Tool 9.1.0.1
605
VMScore
CVE-2014-4774
Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 prior to 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 prior to 9.1.0.2 allows remote malicious users to hijack the authentication of arbitrary users via vectors involving a ...
Ibm License Metric Tool 9.0.1
Ibm Endpoint Manager Family 9.0.1
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.1.0.1
Ibm Endpoint Manager Family 9.1.0
383
VMScore
CVE-2014-4778
IBM License Metric Tool 9 prior to 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 prior to 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote malicious users to conduct clickjacking attacks via vectors invo...
Ibm Endpoint Manager Family 9.0.1
Ibm License Metric Tool 9.0
Ibm License Metric Tool 9.0.1
Ibm License Metric Tool 9.1.0.1
Ibm Endpoint Manager Family 9.1.0
445
VMScore
CVE-2014-8927
Common Inventory Technology (CIT) prior to 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote malicious users to cause a denial of service (CPU consumption or...
Ibm Endpoint Manager Family 9.0
Ibm Tivoli Asset Discovery For Distributed 7.5
Ibm License Metric Tool 7.2.2
Ibm License Metric Tool 7.5
Ibm License Metric Tool 9.0
Ibm Tivoli Asset Discovery For Distributed 7.2.2.0
445
VMScore
CVE-2014-8926
Common Inventory Technology (CIT) prior to 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote malicious users to cause a denial of service (CPU consumption or...
Ibm Endpoint Manager Family 9.0
Ibm Tivoli Asset Discovery For Distributed 7.5
Ibm License Metric Tool 7.2.2
Ibm License Metric Tool 7.5
Ibm License Metric Tool 9.0.1
Ibm Tivoli Asset Discovery For Distributed 7.2.2.0
NA
CVE-2023-43044
IBM License Metric Tool 9.2 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 266893.
Ibm License Metric Tool
445
VMScore
CVE-2016-8964
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 118853.
Ibm License Metric Tool
Ibm Bigfix Inventory
570
VMScore
CVE-2014-8924
The server in IBM License Metric Tool 7.2.2 before IF15 and 7.5 before IF24 and Tivoli Asset Discovery for Distributed 7.2.2 before IF15 and 7.5 before IF24 allows remote malicious users to read arbitrary files or send TCP requests to intranet servers via XML data containing an e...
Ibm License Metric Tool 7.2.2
Ibm License Metric Tool 7.5
Ibm Tivoli Asset Discovery For Distributed 7.2.2
Ibm Tivoli Asset Discovery For Distributed 7.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started