Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm bigfix platform vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-1478
IBM BigFix Platform 9.2.0 up to and including 9.2.14 and 9.5 up to and including 9.5.9 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hija...
Ibm Bigfix Platform
445
VMScore
CVE-2018-1480
IBM BigFix Platform 9.2.0 up to and including 9.2.14 and 9.5 up to and including 9.5.9 does not set the 'HttpOnly' attribute on authorization tokens or session cookies. If a Cross-Site Scripting vulnerability also existed attackers may be able to get the cookie values v...
Ibm Bigfix Platform
383
VMScore
CVE-2018-1484
IBM BigFix Platform 9.2.0 up to and including 9.2.14 and 9.5 up to and including 9.5.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a si...
Ibm Bigfix Platform
187
VMScore
CVE-2017-1231
IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 123910.
Ibm Bigfix Platform
187
VMScore
CVE-2016-0292
WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x prior to 9.5.2 allows local users to discover the cleartext system password by reading a report.
Ibm Bigfix 9.0
Ibm Bigfix 9.2
Ibm Bigfix 9.5
Ibm Bigfix 9.1
383
VMScore
CVE-2016-0397
WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x prior to 9.5.2 allows remote malicious users to obtain sensitive information by sniffing the network for HTTP traffic.
Ibm Bigfix Webreports 9.5
Ibm Bigfix Webreports 9.0
Ibm Bigfix Webreports 9.1
Ibm Bigfix Webreports 9.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5