Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm bigfix platform vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2017-1226
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) generates an error message in error logs that includes sensitive information about its environment which could be used in further attacks against the system. IBM X-Force ID: 123905.
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.5
3.7
CVSSv3
CVE-2018-1484
IBM BigFix Platform 9.2.0 up to and including 9.2.14 and 9.5 up to and including 9.5.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a si...
Ibm Bigfix Platform
3.7
CVSSv3
CVE-2017-1228
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable the secure cookie attribute. An attacker could exploit this vulnerability to obtain sensitive information us...
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.2
3.7
CVSSv3
CVE-2016-0297
IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote malicious user to obtain sensitive information due to a missing HTTP Strict-Transport-Security Header through man in the middle techniques.
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.1
Ibm Bigfix Platform 9.0
3.3
CVSSv3
CVE-2018-2005
IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that could be read by a local attacker with elevated permissions. IBM X-Force ID: 155007
Ibm Bigfix Platform
3.3
CVSSv3
CVE-2016-0296
IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive information in log files that could be available to a local user.
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.1
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5