Vulnerabilities (CVE)

Vendor filter

Ibm Subscribe

Product filter

Bigfix Inventory Subscribe

Filter

10 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-4369 1 Ibm 2 Bigfix Inventory, License Metric Tool 2019-10-09 5.0
IBM BigFix Inventory v9 (SUA v9 / ILMT v9) discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 161807.
CVE-2016-8964 1 Ibm 2 Bigfix Inventory, License Metric Tool 2019-05-06 5.0
IBM BigFix Inventory v9 9.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 118853.
CVE-2016-8962 1 Ibm 1 Bigfix Inventory 2017-07-11 4.3
IBM BigFix Inventory 9.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 118851.
CVE-2016-8963 1 Ibm 2 Bigfix Inventory, License Metric Tool 2017-02-13 2.1
IBM BigFix Inventory v9 stores potentially sensitive information in log files that could be read by a local user.
CVE-2016-8961 1 Ibm 2 Bigfix Inventory, License Metric Tool 2017-02-13 5.8
IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL...
CVE-2016-8966 1 Ibm 2 Bigfix Inventory, License Metric Tool 2017-02-13 4.3
IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man...
CVE-2016-8981 1 Ibm 2 Bigfix Inventory, License Metric Tool 2017-02-13 2.1
IBM BigFix Inventory v9 allows web pages to be stored locally which can be read by another user on the system.
CVE-2016-8980 1 Ibm 2 Bigfix Inventory, License Metric Tool 2017-02-13 7.5
IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume...
CVE-2016-8977 1 Ibm 2 Bigfix Inventory, License Metric Tool 2017-02-13 5.0
IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. This information could be used to mount further attacks against the system.
CVE-2016-8967 1 Ibm 2 Bigfix Inventory, License Metric Tool 2017-02-09 2.1
IBM BigFix Inventory v9 9.2 stores user credentials in plain in clear text which can be read by a local user.