Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webreports vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-0397
WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x prior to 9.5.2 allows remote malicious users to obtain sensitive information by sniffing the network for HTTP traffic.
Ibm Bigfix Webreports 9.5
Ibm Bigfix Webreports 9.0
Ibm Bigfix Webreports 9.1
Ibm Bigfix Webreports 9.2
3.5
CVSSv2
CVE-2020-7570
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Stored) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary web script or HTML due to ...
Schneider-electric Webreports
6.5
CVSSv2
CVE-2020-7572
A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary XML code and obtain disclosure of confidential data, denial o...
Schneider-electric Webreports
6.4
CVSSv2
CVE-2020-7573
A CWE-284 Improper Access Control vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker being able to access a restricted web resources due to improper access control.
Schneider-electric Webreports
6.5
CVSSv2
CVE-2020-7569
A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achi...
Schneider-electric Webreports
3.5
CVSSv2
CVE-2020-7571
A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Reflected) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote malicious user to inject arbitrary web script or HTML due to inco...
Schneider-electric Webreports
NA
CVE-2023-45705
An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit through SMTP configuration options.
NA
CVE-2023-45706
An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration.
2.1
CVSSv2
CVE-2016-0292
WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x prior to 9.5.2 allows local users to discover the cleartext system password by reading a report.
Ibm Bigfix 9.0
Ibm Bigfix 9.2
Ibm Bigfix 9.5
Ibm Bigfix 9.1
4.3
CVSSv2
CVE-2012-0719
Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint Manager (TEM) 8 prior to 8.2 patch 3 allows remote malicious users to inject arbitrary web script or HTML via the ScheduleParam parameter to the webreports program.
Ibm Tivoli Endpoint Manager 8.2
Ibm Tivoli Endpoint Manager 8.0
Ibm Tivoli Endpoint Manager 8.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »