Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
decision manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-22319
IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, 8.11.1 and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145.
Ibm Operational Decision Manager 8.10.3
Ibm Operational Decision Manager 8.10.4
Ibm Operational Decision Manager 8.10.5.1
Ibm Operational Decision Manager 8.11
Ibm Operational Decision Manager 8.11.0.1
Ibm Operational Decision Manager 8.12.0.1
NA
CVE-2024-22320
IBM Operational Decision Manager 8.10.3 could allow a remote authenticated malicious user to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in ...
Ibm Operational Decision Manager 8.10.3
Ibm Operational Decision Manager 8.10.4
Ibm Operational Decision Manager 8.10.5.1
Ibm Operational Decision Manager 8.11
Ibm Operational Decision Manager 8.11.0.1
Ibm Operational Decision Manager 8.12.0.1
534
VMScore
CVE-2014-0944
Cross-site request forgery (CSRF) vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows remote authenticated users to hijack the authentication of arbitrary users for r...
Ibm Operational Decision Manager 7.5
Ibm Operational Decision Manager 8.0
Ibm Operational Decision Manager 8.5
312
VMScore
CVE-2014-0945
Cross-site scripting (XSS) vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Operational Decision Manager 7.5
Ibm Operational Decision Manager 8.0
Ibm Operational Decision Manager 8.5
383
VMScore
CVE-2014-0946
The RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 does not send appropriate Cache-Control HTTP headers, which allows remote malicious users to obtain sensitive information by leveraging an...
Ibm Operational Decision Manager 7.5
Ibm Operational Decision Manager 8.0
Ibm Operational Decision Manager 8.5
445
VMScore
CVE-2014-6114
The Hosted Transparent Decision Service in the Rule Execution Server in IBM WebSphere ILOG JRules 7.1 before MP1 FP5 IF43; WebSphere Operational Decision Management 7.5 before FP3 IF41; and Operational Decision Manager 8.0 before MP1 FP2 IF34, 8.5 before MP1 FP1 IF43, and 8.6 bef...
Ibm Operational Decision Manager 8.5
Ibm Operational Decision Manager 8.6
Ibm Websphere Operational Decision Management 7.5
Ibm Operational Decision Manager 8.0
Ibm Websphere Ilog Jrules 7.1
570
VMScore
CVE-2018-1821
IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: ...
Ibm Operational Decision Manager
NA
CVE-2019-14840
A flaw was found in the RHDM, where sensitive HTML form fields like Password has auto-complete enabled which may lead to leak of credentials.
Redhat Decision Manager 7.0
NA
CVE-2023-30056
A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie.
Fico Origination Manager Decision 4.8.1
NA
CVE-2023-30057
Multiple stored cross-site scripting (XSS) vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Fico Origination Manager Decision 4.8.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »