Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm bigfix inventory 9.2 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2016-8966
IBM BigFix Inventory v9 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
445
VMScore
CVE-2016-8977
IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
668
VMScore
CVE-2016-8980
IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
187
VMScore
CVE-2016-8981
IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
187
VMScore
CVE-2016-8967
IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user.
Ibm License Metric Tool 9.2.0
Ibm Bigfix Inventory 9.2
383
VMScore
CVE-2016-8962
IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for malicious users to compromise user accounts. IBM X-Force ID: 118851.
Ibm Bigfix Inventory
445
VMScore
CVE-2016-8964
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 118853.
Ibm License Metric Tool
Ibm Bigfix Inventory
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started