Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm bigfix platform vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-1225
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 123904.
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.5
5
CVSSv2
CVE-2017-1230
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. This weakness may allow malicious users to expose sensitive information by guessing tokens or identifiers. IBM X...
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.5
5
CVSSv2
CVE-2017-1224
IBM Tivoli Endpoint Manager uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 123903.
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.5.6
Ibm Bigfix Platform 9.2.6
Ibm Bigfix Platform 9.2.7
Ibm Bigfix Platform 9.5.5
4.3
CVSSv2
CVE-2018-1484
IBM BigFix Platform 9.2.0 up to and including 9.2.14 and 9.5 up to and including 9.5.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a si...
Ibm Bigfix Platform
4.3
CVSSv2
CVE-2018-1478
IBM BigFix Platform 9.2.0 up to and including 9.2.14 and 9.5 up to and including 9.5.9 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hija...
Ibm Bigfix Platform
4.3
CVSSv2
CVE-2018-1474
IBM BigFix Platform 9.2.0 up to and including 9.2.14 and 9.5 up to and including 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and c...
Ibm Bigfix Platform
4.3
CVSSv2
CVE-2018-1473
IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Ibm Bigfix Platform
4.3
CVSSv2
CVE-2017-1229
IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using ma...
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.5
4.3
CVSSv2
CVE-2017-1521
IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications (IBM BigFix Platform 9.2 and 9.5) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pot...
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.2
4.3
CVSSv2
CVE-2017-1228
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable the secure cookie attribute. An attacker could exploit this vulnerability to obtain sensitive information us...
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »