|
197711
|
5.3 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information c…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-4239
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197712
|
8.8 |
HIGH
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that…
|
CWE-352
Origin Validation Error
|
CVE-2020-4238
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197713
|
8.8 |
HIGH
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that…
|
CWE-352
Origin Validation Error
|
CVE-2020-4237
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197714
|
6.5 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module. IBM X-Force ID: 175…
|
NVD-CWE-noinfo
|
CVE-2020-4236
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197715
|
5.4 |
MEDIUM
Network
|
ibm
|
tivoli_netcool\/impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended f…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4235
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197716
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to arbitrary delete a directory caused by improper validation of user-supplied input. IBM X-Force ID: 175026.
|
CWE-20
Improper Input Validation
|
CVE-2020-4214
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197717
|
9.8 |
CRITICAL
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to e…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-4208
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197718
|
8.8 |
HIGH
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to execute arbitrary commands on the system in the context of root user, caused by improper validation of user-supplied i…
|
CWE-20
CWE-78
Improper Input Validation
OS Command
|
CVE-2020-4206
|
2024-11-21 14:32 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197719
|
7.5 |
HIGH
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 traditional is vulnerable to a privilege escalation vulnerability when using token-based authentication in an admin request over the SOAP conne…
|
NVD-CWE-noinfo
|
CVE-2020-4276
|
2024-11-21 14:32 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197720
|
5.3 |
MEDIUM
Network
|
ibm
|
content_navigator
|
IBM Content Navigator 3.0CD could disclose sensitive information to an unauthenticated user which could be used to aid in further attacks against the system. IBM X-Force ID: 177080.
|
CWE-200
Information Exposure
|
CVE-2020-4309
|
2024-11-21 14:32 |
2020-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
