Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webreports vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2016-0397
WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x prior to 9.5.2 allows remote malicious users to obtain sensitive information by sniffing the network for HTTP traffic.
Ibm Bigfix Webreports 9.5
Ibm Bigfix Webreports 9.0
Ibm Bigfix Webreports 9.1
Ibm Bigfix Webreports 9.2
5.4
CVSSv3
CVE-2020-7570
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Stored) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary web script or HTML due to ...
Schneider-electric Webreports
8.8
CVSSv3
CVE-2020-7572
A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary XML code and obtain disclosure of confidential data, denial o...
Schneider-electric Webreports
6.5
CVSSv3
CVE-2020-7573
A CWE-284 Improper Access Control vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker being able to access a restricted web resources due to improper access control.
Schneider-electric Webreports
8.8
CVSSv3
CVE-2020-7569
A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achi...
Schneider-electric Webreports
5.4
CVSSv3
CVE-2020-7571
A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Reflected) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote malicious user to inject arbitrary web script or HTML due to inco...
Schneider-electric Webreports
NA
CVE-2023-45705
An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit through SMTP configuration options.
NA
CVE-2023-45706
An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration.
5.5
CVSSv3
CVE-2016-0292
WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x prior to 9.5.2 allows local users to discover the cleartext system password by reading a report.
Ibm Bigfix 9.0
Ibm Bigfix 9.2
Ibm Bigfix 9.5
Ibm Bigfix 9.1
NA
CVE-2012-0719
Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint Manager (TEM) 8 prior to 8.2 patch 3 allows remote malicious users to inject arbitrary web script or HTML via the ScheduleParam parameter to the webreports program.
Ibm Tivoli Endpoint Manager 8.2
Ibm Tivoli Endpoint Manager 8.0
Ibm Tivoli Endpoint Manager 8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »