DATABASE RESOURCES PRICING ABOUT US

{"id": "DEBIANCVE:CVE-2013-3060", "vendorId": null, "type": "debiancve", "bulletinFamily": "info", "title": "CVE-2013-3060", "description": "The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.", "published": "2013-04-21T21:55:00", "modified": "2013-04-21T21:55:00", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "href": "https://security-tracker.debian.org/tracker/CVE-2013-3060", "reporter": "Debian Security Bug Tracker", "references": [], "cvelist": ["CVE-2013-3060"], "immutableFields": [], "lastseen": "2021-12-14T17:45:38", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-3060"]}, {"type": "ibm", "idList": ["CD8271F1E3A620207AA3EAC35F944E1453EFEBC4728A88B9C3D9D0DA7F511F56"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310903306"]}, {"type": "redhat", "idList": ["RHSA-2013:1029", "RHSA-2013:1221"]}, {"type": "seebug", "idList": ["SSV:60763"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-3060"]}], "rev": 4}, "score": {"value": 4.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2013-3060"]}, {"type": "ibm", "idList": ["CD8271F1E3A620207AA3EAC35F944E1453EFEBC4728A88B9C3D9D0DA7F511F56"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310903306"]}, {"type": "redhat", "idList": ["RHSA-2013:1221"]}, {"type": "seebug", "idList": ["SSV:60763"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-3060"]}]}, "exploitation": null, "vulnersScore": 4.7}, "affectedPackage": [{"OS": "Debian", "OSVersion": "11", "arch": "all", "packageFilename": "activemq_5.16.1-1_all.deb", "packageVersion": "5.16.1-1", "operator": "lt", "status": "resolved", "packageName": "activemq"}, {"OS": "Debian", "OSVersion": "10", "arch": "all", "packageFilename": "activemq_5.15.8-2_all.deb", "packageVersion": "5.15.8-2", "operator": "lt", "status": "resolved", "packageName": "activemq"}, {"OS": "Debian", "OSVersion": "999", "arch": "all", "packageFilename": "activemq_5.16.1-1_all.deb", "packageVersion": "5.16.1-1", "operator": "lt", "status": "resolved", "packageName": "activemq"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "packageFilename": "activemq_5.14.3-3_all.deb", "packageVersion": "5.14.3-3", "operator": "lt", "status": "resolved", "packageName": "activemq"}], "_state": {"dependencies": 1646113761}}

{"cve": [{"lastseen": "2022-03-23T12:48:04", "description": "The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.", "cvss3": {}, "published": "2013-04-21T21:55:00", "type": "cve", "title": "CVE-2013-3060", "cwe": ["CWE-287"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3060"], "modified": "2016-11-28T19:09:00", "cpe": ["cpe:/a:apache:activemq:5.0.0", "cpe:/a:apache:activemq:5.3.2", "cpe:/a:apache:activemq:5.4.0", "cpe:/a:apache:activemq:4.1.0", "cpe:/a:apache:activemq:5.3.0", "cpe:/a:apache:activemq:5.6.0", "cpe:/a:apache:activemq:5.7.0", "cpe:/a:apache:activemq:4.0", "cpe:/a:apache:activemq:5.2.0", "cpe:/a:apache:activemq:5.1.0", "cpe:/a:apache:activemq:5.4.2", "cpe:/a:apache:activemq:5.5.0", "cpe:/a:apache:activemq:5.3.1", "cpe:/a:apache:activemq:5.4.1", "cpe:/a:apache:activemq:4.1.1", "cpe:/a:apache:activemq:4.0.2", "cpe:/a:apache:activemq:5.5.1", "cpe:/a:apache:activemq:4.0.1"], "id": "CVE-2013-3060", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3060", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "cpe23": ["cpe:2.3:a:apache:activemq:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:4.0:m4:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:4.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:4.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2021-10-19T20:40:14", "description": "Fuse Message Broker is a messaging platform based on Apache ActiveMQ that\nprovides SOA infrastructure to connect processes across heterogeneous\nsystems.\n\nIt was found that, by default, the Apache ActiveMQ web console did not\nrequire authentication. A remote attacker could use this flaw to modify the\nstate of the Apache ActiveMQ environment, obtain sensitive information, or\ncause a denial of service. (CVE-2013-3060)\n\nThis update delivers a README file which describes how to manually\nconfigure an XML properties file to fix this flaw. Back up existing Fuse\nMessage Broker configuration files before making changes.\n", "cvss3": {}, "published": "2013-09-09T00:00:00", "type": "redhat", "title": "(RHSA-2013:1221) Important: Fuse Message Broker 5.5.1 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3060"], "modified": "2019-03-22T19:43:56", "id": "RHSA-2013:1221", "href": "https://access.redhat.com/errata/RHSA-2013:1221", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}, {"lastseen": "2021-10-19T20:37:28", "description": "Fuse MQ Enterprise, based on Apache ActiveMQ, is a standards compliant\nmessaging system that is tailored for use in mission critical applications.\n\nThis release of Fuse MQ Enterprise 7.1.0 roll up patch 1 is an update to\nFuse MQ Enterprise 7.1.0 and includes bug fixes. Refer to the readme file\nincluded with the patch files for information about the bug fixes.\n\nThe following security issues are also fixed with this release:\n\nIt was found that, by default, the Apache ActiveMQ web console did not\nrequire authentication. A remote attacker could use this flaw to modify the\nstate of the Apache ActiveMQ environment, obtain sensitive information, or\ncause a denial of service. (CVE-2013-3060)\n\nMultiple cross-site scripting (XSS) flaws were found in the Apache ActiveMQ\ndemo web applications. A remote attacker could use these flaws to inject\narbitrary web script or HTML on pages displayed by the demo web\napplications. (CVE-2012-6092)\n\nIt was found that a sample Apache ActiveMQ application was deployed by\ndefault. A remote attacker could use this flaw to send the sample\napplication requests, allowing them to consume all available broker\nresources. (CVE-2012-6551)\n\nA stored cross-site scripting (XSS) flaw was found in the way Apache\nActiveMQ handled cron jobs. A remote attacker could use this flaw to\nperform an XSS attack against users viewing the scheduled.jsp page.\n(CVE-2013-1879)\n\nA reflected cross-site scripting (XSS) flaw was found in the\nportfolioPublish servlet of the Apache ActiveMQ demo web applications. A\nremote attacker could use this flaw to inject arbitrary web script or\nHTML. (CVE-2013-1880)\n\nNote: All of the above flaws only affected the distribution of Apache\nActiveMQ included in the extras directory of the Fuse MQ Enterprise\ndistribution. The Fuse MQ Enterprise product itself was not affected by any\nof the above flaws.\n\nThe HawtJNI Library class wrote native libraries to a predictable file name\nin /tmp/ when the native libraries were bundled in a JAR file, and no\ncustom library path was specified. A local attacker could overwrite these\nnative libraries with malicious versions during the window between when\nHawtJNI writes them and when they are executed. (CVE-2013-2035)\n\nThe CVE-2013-2035 issue was discovered by Florian Weimer of the Red Hat\nProduct Security Team.\n\nAll users of Fuse MQ Enterprise 7.1.0 as provided from the Red Hat Customer\nPortal are advised to upgrade to Fuse MQ Enterprise 7.1.0 roll up patch 1.\n", "cvss3": {}, "published": "2013-07-09T00:00:00", "type": "redhat", "title": "(RHSA-2013:1029) Important: Fuse MQ Enterprise 7.1.0 update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6092", "CVE-2012-6551", "CVE-2013-1879", "CVE-2013-1880", "CVE-2013-2035", "CVE-2013-3060"], "modified": "2019-03-22T19:43:56", "id": "RHSA-2013:1029", "href": "https://access.redhat.com/errata/RHSA-2013:1029", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}], "seebug": [{"lastseen": "2017-11-19T17:45:20", "description": "CVE ID:CVE-2013-3060\r\n\r\nApache ActiveMQ\u662f\u4e00\u6b3e\u5f00\u6e90\u6d88\u606f\u603b\u7ebf\uff0c\u652f\u6301JMS1.1\u548cJ2EE 1.4\u89c4\u8303\u7684JMS Provider\u5b9e\u73b0\u3002\r\n\r\nApache ActiveMQ WEB\u63a7\u5236\u53f0\u65e0\u9700\u9a8c\u8bc1\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4HTTP\u8bf7\u6c42\u83b7\u5f97\u654f\u611f\u4fe1\u606f\u6216\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\r\n0\r\nApache ActiveMQ 5.8.0\u4e4b\u524d\u7248\u672c\r\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\nApache ActiveMQ 5.8.0\u5df2\u7ecf\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttps://activemq.apache.org/", "cvss3": {}, "published": "2013-04-24T00:00:00", "title": "Apache ActiveMQ WEB\u63a7\u5236\u53f0 \u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6216\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e(CVE-2013-3060)", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2013-3060"], "modified": "2013-04-24T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60763", "id": "SSV:60763", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:53:39", "description": "The web console in Apache ActiveMQ before 5.8.0 does not require\nauthentication, which allows remote attackers to obtain sensitive\ninformation or cause a denial of service via HTTP requests.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | web console not shipped in Debian/Ubuntu\n", "cvss3": {}, "published": "2013-04-21T00:00:00", "type": "ubuntucve", "title": "CVE-2013-3060", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3060"], "modified": "2013-04-21T00:00:00", "id": "UB:CVE-2013-3060", "href": "https://ubuntu.com/security/CVE-2013-3060", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}], "openvas": [{"lastseen": "2020-05-12T17:27:04", "description": "This host is installed with Apache ActiveMQ and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2013-04-27T00:00:00", "type": "openvas", "title": "Apache ActiveMQ Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6092", "CVE-2013-3060", "CVE-2012-6551"], "modified": "2020-05-08T00:00:00", "id": "OPENVAS:1361412562310903306", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903306", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apache ActiveMQ Multiple Vulnerabilities\n#\n# Authors:\n# Thanga Prakash S <tprakash@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2013 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apache:activemq\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903306\");\n script_version(\"2020-05-08T08:34:44+0000\");\n script_cve_id(\"CVE-2012-6092\", \"CVE-2012-6551\", \"CVE-2013-3060\");\n script_bugtraq_id(59400, 59401, 59402);\n script_tag(name:\"cvss_base\", value:\"6.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-08 08:34:44 +0000 (Fri, 08 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2013-04-27 12:08:18 +0530 (Sat, 27 Apr 2013)\");\n\n script_name(\"Apache ActiveMQ Multiple Vulnerabilities\");\n\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (C) 2013 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_apache_activemq_consolidation.nasl\");\n script_require_ports(\"Services/www\", 8161);\n script_mandatory_keys(\"apache/activemq/detected\");\n\n script_xref(name:\"URL\", value:\"https://issues.apache.org/jira/browse/AMQ-4124\");\n script_xref(name:\"URL\", value:\"http://activemq.apache.org/activemq-580-release.html\");\n script_xref(name:\"URL\", value:\"https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to execute arbitrary HTML and\n script code in a user's browser session in the context of an affected site\n and obtain sensitive information or cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Apache ActiveMQ before 5.8.0.\");\n\n script_tag(name:\"insight\", value:\"- Flaw is due to an improper sanitation of user supplied input to the\n webapp/websocket/chat.js and PortfolioPublishServlet.java scripts via\n 'refresh' and 'subscribe message' parameters\n\n - Flaw is due to the web console not requiring any form of authentication\n for access.\n\n - Improper sanitation of HTTP request by the sample web applications in\n the out of box broker when it is enabled.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 5.8.0 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apache ActiveMQ and is prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"remote_app\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE, service:\"www\" ) ) exit( 0 );\nget_app_location( cpe:CPE, port:port, nofork:TRUE ); # To have a reference to the Detection-NVT\n\nurl = \"/demo/portfolioPublish?refresh=<script>alert(document.cookie)</script>&stocks=XSS-Test\";\n\nif( http_vuln_check( port:port, url:url, check_header:TRUE, pattern:\"<script>alert\\(document\\.cookie\\)</script>\", extra_check:\">Published <\" ) ) {\n report = http_report_vuln_url( port:port, url:url );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}}], "ibm": [{"lastseen": "2022-04-22T19:36:13", "description": "## Summary\n\nIBM has announced a release for IBM Security Identity Governance and Intelligence (IGI) in response to multiple security vulnerabilities. There are multiple vulnerabilities fixes to open source libraries distributed with IGI, other less secure algorithms for crypto, xss attacks and click jacking attacks.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-0124](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0124>) \n**DESCRIPTION:** Cisco Unified Communications Domain Manager could allow a remote attacker to execute arbitrary code on the system, caused by insecure key generation during application configuration. By sending arbitrary requests using the insecure key, an attacker could exploit this vulnerability to bypass security protections, gain elevated privileges and execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139282> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-0125](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0125>) \n**DESCRIPTION:** Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow a remote attacker to execute arbitrary code on the system, caused by an incomplete input validation on user-controlled input in an HTTP request in the Web interface. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code with root privileges or cause the device to reload. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138770> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2015-5237](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5237>) \n**DESCRIPTION:** Google Protocol Buffers could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in MessageLite::SerializeToString. A remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/105989> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2013-4517](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4517>) \n**DESCRIPTION:** Apache Santuario XML Security for Java is vulnerable to a denial of service, caused by an out of memory error when allowing Document Type Definitions (DTDs). A remote attacker could exploit this vulnerability via XML Signature transforms to cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/89891> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2014-3596](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3596>) \n**DESCRIPTION:** Apache Axis and Axis2 could allow a remote attacker to conduct spoofing attacks, caused by and incomplete fix related to the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/95377> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2012-5784](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5784>) \n**DESCRIPTION:** Apache Axis 1.4, as used in multiple products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. An attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server and launch further attacks against a vulnerable target. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79829> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2013-2186](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2186>) \n**DESCRIPTION:** Apache commons-fileupload could allow a remote attacker to overwrite arbitrary files on the system, caused by a NULL byte in the implementation of the DiskFileItem class. By sending a serialized instance of the DiskFileItem class, an attacker could exploit this vulnerability to write or overwrite arbitrary files on the system. \nCVSS Base Score: 6.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/88133> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:P)\n\n**CVEID:** [CVE-2016-3092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092>) \n**DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114336> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-1000031](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117957> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-0050](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90987> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2013-4517](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4517>) \n**DESCRIPTION:** Apache Santuario XML Security for Java is vulnerable to a denial of service, caused by an out of memory error when allowing Document Type Definitions (DTDs). A remote attacker could exploit this vulnerability via XML Signature transforms to cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/89891> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2013-2172](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2172>) \n**DESCRIPTION:** Apache Santuario XML Security for Java could allow a remote attacker to conduct spoofing attacks, caused by the failure to restrict canonicalization algorithms to be applied to the CanonicalizationMethod parameter. An attacker could exploit this vulnerability to spoof the XML signature. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85323> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2016-3092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092>) \n**DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114336> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-1000031](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117957> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-0050](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90987> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2013-0248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0248>) \n**DESCRIPTION:** Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/82618> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)\n\n**CVEID:** [CVE-2016-3092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092>) \n**DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114336> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-1000031](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117957> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-0050](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90987> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2013-0248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0248>) \n**DESCRIPTION:** Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/82618> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)\n\n**CVEID:** [CVE-2016-3092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092>) \n**DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114336> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-1000031](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117957> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-0050](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90987> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2013-0248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0248>) \n**DESCRIPTION:** Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/82618> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)\n\n**CVEID:** [CVE-2014-0054](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0054>) \n**DESCRIPTION:** Pivotal Spring Framework could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error in Jaxb2RootElementHttpMessageConverter when processing XML data. By sending specially-crafted XML data, an attacker could exploit this vulnerability to read arbitrary files and obtain sensitive information. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/91841> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n**CVEID:** [CVE-2013-7315](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7315>) \n**DESCRIPTION:** Pivotal Spring Framework could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending a specially-crafted request, an attacker could exploit this vulnerability to read arbitrary files and obtain sensitive information. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/95219> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n**CVEID:** [CVE-2013-6429](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6429>) \n**DESCRIPTION:** Spring Framework could allow a remote attacker to obtain sensitive information, caused by an error when parsing XML entities. By persuading a victim to open a specially-crafted XML document containing external entity references, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90451> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**CVEID:** [CVE-2013-4152](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4152>) \n**DESCRIPTION:** Pivotal Spring Framework could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending a specially-crafted request, an attacker could exploit this vulnerability to read arbitrary files and obtain sensitive information. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/86589> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n**CVEID:** [CVE-2011-2730](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2730>) \n**DESCRIPTION:** Spring Framework could allow a remote attacker to obtain sensitive information, caused by an error when handling the Expression Language. An attacker could exploit this vulnerability to obtain classpaths and other sensitive information. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/69688> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n**CVEID:** [CVE-2010-1622](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1622>) \n**DESCRIPTION:** Spring Framework could allow a remote attacker to execute arbitrary code on the system, caused by an error in the mechanism to use client provided data to update the properties of an object. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/59573> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [CVE-2018-1272](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1272>) \n**DESCRIPTION:** Pivotal Spring Framework could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper input validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141286> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-1271](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1271>) \n**DESCRIPTION:** Pivotal Spring Framework could allow a remote attacker to traverse directories on the system, caused by improper validation of user request. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to configure Spring MVC to serve static resources. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141285> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2018-1270](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1270>) \n**DESCRIPTION:** Pivotal Spring Framework could allow a remote attacker to execute arbitrary code on the system, caused by the exposure of STOMP over WebSocket endpoints with a STOMP broker through the spring-messaging module. By sending a specially-crafted message, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/141284> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-9878](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9878>) \n**DESCRIPTION:** Pivotal Spring Framework could allow a remote attacker to traverse directories on the system, caused by the failure to sanitize paths provided to ResourceServlet. An attacker could send a specially-crafted URL request containing directory traversal sequences to view arbitrary files on the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/120241> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2014-1904](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1904>) \n**DESCRIPTION:** Spring MVC is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the FormTag.java script. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/91890> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2014-3596](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3596>) \n**DESCRIPTION:** Apache Axis and Axis2 could allow a remote attacker to conduct spoofing attacks, caused by and incomplete fix related to the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/95377> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2012-5784](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5784>) \n**DESCRIPTION:** Apache Axis 1.4, as used in multiple products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. An attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server and launch further attacks against a vulnerable target. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79829> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2013-3060](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3060>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to a denial of service, caused by the failure to require authentication, by the Web console. By sending specially-crafted HTTP requests, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base Score: 6.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/83719> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:P)\n\n**CVEID:** [CVE-2013-1880](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1880>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the demo/portfolioPublish script. A remote attacker could exploit this vulnerability using the refresh parameter in a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103075> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2013-1879](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1879>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input when handling cron jobs. A remote attacker could exploit this vulnerability using specific parameters to inject malicious script into a Web page which would be executed in a victim''s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/85586> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2012-6551](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6551>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to a denial of service, caused by the enablement of a sample web application by the default configuration. By sending specially-crafted HTTP requests, an attacker could exploit this vulnerability to consume broker resources and cause a denial of service. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/83718> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2012-6092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6092>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by multiple vectors. A remote attacker could exploit this vulnerability using various parameters in a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/83720> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2012-5784](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5784>) \n**DESCRIPTION:** Apache Axis 1.4, as used in multiple products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject''s Common Name (CN) field of the X.509 certificate. An attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server and launch further attacks against a vulnerable target. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/79829> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2011-4905](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4905>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to a denial of service, caused by an error in the failover mechanism when handling an openwire connection request. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the broker service to crash. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/71620> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2015-1830](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1830>) \n**DESCRIPTION:** Apache ActiveMQ could allow a remote attacker to traverse directories on the system, caused by an error in the fileserver upload/download functionality. By placing a jsp file in the admin console, an attacker could exploit this vulnerability to execute arbitrary shell commands on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/105644> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-8110](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8110>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/100724> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2014-3612](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3612>) \n**DESCRIPTION:** Apache ActiveMQ could allow a remote authenticated attacker to bypass security restrictions, caused by an error in the LDAPLoginModule implementation. By sending an empty password, an attacker could exploit this vulnerability to bypass the authentication mechanism of an application using LDAPLoginModule and assume the role of another user. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/100723> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)\n\n**CVEID:** [CVE-2014-3600](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3600>) \n**DESCRIPTION:** Apache ActiveMQ could allow a remote attacker to obtain sensitive information, caused by an XML External Entity Injection (XXE) error when processing XML data. By sending specially-crafted XML data to specify an XPath based selector, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/100722> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)\n\n**CVEID:** [CVE-2014-3576](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3576>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to a denial of service, caused by an error in the processControlCommand function in broker/TransportConnection.java. A remote attacker could use the shutdown command to shutdown the service. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/107290> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2015-6524](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6524>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to a brute force attack, caused by an error in the LDAPLoginModule implementation. An attacker could exploit this vulnerability using the wildcard in usernames to obtain user credentials. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/106187> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [CVE-2015-5254](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5254>) \n**DESCRIPTION:** Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the classes that can be serialized in the broker. An attacker could exploit this vulnerability using a specially crafted serialized Java Message Service (JMS) ObjectMessage object to execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/109632> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2015-5184](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5184>) \n**DESCRIPTION:** Red Hat JBoss A-MQ could allow a remote attacker to obtain sensitive information, caused by the Access-Control-Allow-Origin header permits unrestricted sharing in Hawtio console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132635> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2015-5183](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5183>) \n**DESCRIPTION:** Red Hat JBoss A-MQ could allow a remote attacker to obtain sensitive information, caused by no HTTPOnly or Secure attributes on cookies configured in Hawtio console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain an authenticated user''s SessionID. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132634> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2015-5182](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5182>) \n**DESCRIPTION:** Red Hat JBoss A-MQ is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by the jolokia API. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132633> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2015-6524](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6524>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to a brute force attack, caused by an error in the LDAPLoginModule implementation. An attacker could exploit this vulnerability using the wildcard in usernames to obtain user credentials. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/106187> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [CVE-2015-5254](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5254>) \n**DESCRIPTION:** Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the classes that can be serialized in the broker. An attacker could exploit this vulnerability using a specially crafted serialized Java Message Service (JMS) ObjectMessage object to execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/109632> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2015-5184](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5184>) \n**DESCRIPTION:** Red Hat JBoss A-MQ could allow a remote attacker to obtain sensitive information, caused by the Access-Control-Allow-Origin header permits unrestricted sharing in Hawtio console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132635> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2015-5183](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5183>) \n**DESCRIPTION:** Red Hat JBoss A-MQ could allow a remote attacker to obtain sensitive information, caused by no HTTPOnly or Secure attributes on cookies configured in Hawtio console. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to obtain an authenticated user''s SessionID. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132634> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2015-5182](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5182>) \n**DESCRIPTION:** Red Hat JBoss A-MQ is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by the jolokia API. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities. \nCVSS Base Score: 8.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132633> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2016-0782](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0782>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web based administration console. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111420> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2016-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0734>) \n**DESCRIPTION:** Apache ActiveMQ could allow a remote attacker to hijack the clicking action of the victim, caused by the failure to set the X-Frame-Options header in HTTP responses by the Administrative Web console. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim''s click actions. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111421> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-3088](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3088>) \n**DESCRIPTION:** Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by an error in the Fileserver web application. By sending a specially crafted HTTP PUT request and an HTTP MOVE request, an attacker could exploit this vulnerability to create an arbitrary file and execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113414> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-6810](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6810>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability in a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119699> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2016-0782](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0782>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the web based administration console. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111420> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2016-0734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0734>) \n**DESCRIPTION:** Apache ActiveMQ could allow a remote attacker to hijack the clicking action of the victim, caused by the failure to set the X-Frame-Options header in HTTP responses by the Administrative Web console. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim''s click actions. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111421> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-3088](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3088>) \n**DESCRIPTION:** Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by an error in the Fileserver web application. By sending a specially crafted HTTP PUT request and an HTTP MOVE request, an attacker could exploit this vulnerability to create an arbitrary file and execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113414> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-6810](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6810>) \n**DESCRIPTION:** Apache ActiveMQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability in a specially-crafted URL to execute script in a victim''s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim''s cookie-based authentication credentials. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119699> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2016-9739](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9739>) \n**DESCRIPTION:** IBM Security Identity Manager Virtual Appliance stores user credentials in plain in clear text which can be read by a local user. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119789> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2016-0357](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0357>) \n**DESCRIPTION:** IBM Security Identity Manager Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim''s click actions and possibly launch further attacks against the victim. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111896> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n**CVEID:** [CVE-2016-0340](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0340>) \n**DESCRIPTION:** IBM Security Identity Manager Virtual Appliance could allow a local user to take over a previously logged in user due to session expiration not being enforced. \nCVSS Base Score: 4.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111780> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-0339](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0339>) \n**DESCRIPTION:** IBM Security Identity Manager Virtual Appliance could allow an attacker with traffic records between a victim and the ISIM to spoof another user due to invalid session identifiers after the victim has logged out. \nCVSS Base Score: 5.6 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111749> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-0338](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0338>) \n**DESCRIPTION:** IBM Security Identity Manager Virtual Appliance could allow a local user to obtain sensitive information including passwords in cleartext by examining configuration files and/or running processes. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111748> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2016-0330](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0330>) \n**DESCRIPTION:** IBM Security Identity Manager Virtual Appliance uses a weak password algorithm which allows users to create insecure passwords. An attacker could exploit this vulnerability to gain access to the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111693> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2016-3092](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092>) \n**DESCRIPTION:** Apache Tomcat is vulnerable to a denial of service, caused by an error in the Apache Commons FileUpload component. By sending file upload requests, an attacker could exploit this vulnerability to cause the server to become unresponsive. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114336> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-1000031](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the current process. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/117957> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-0050](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050>) \n**DESCRIPTION:** Apache Commons FileUpload, as used in Apache Tomcat, Solr, and other products is vulnerable to a denial of service, caused by the improper handling of Content-Type HTTP header for multipart requests by MultipartStream.java. An attacker could exploit this vulnerability using a specially crafted Content-Type header to cause the application to enter into an infinite loop. \nCVSS Base Score: 5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90987> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)\n\n**CVEID:** [CVE-2013-0248](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0248>) \n**DESCRIPTION:** Apache Commons FileUpload could allow a local attacker to launch a symlink attack. Temporary files are created insecurely. A local attacker could exploit this vulnerability by creating a symbolic link from a temporary file to various files on the system, which could allow the attacker to overwrite arbitrary files on the system with elevated privileges. \nCVSS Base Score: 3.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/82618> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P)\n\n**CVEID:** [CVE-2018-7489](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489>) \n**DESCRIPTION:** FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue method of the ObjectMapper. By sending specially crafted JSON input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139549> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2018-5968](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5968>) \n**DESCRIPTION:** FasterXML jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by deserialization flaws. By using two different gadgets that bypass a blocklist, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138088> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2017-7525](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7525>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw within the Jackson JSON library in the readValue method of the ObjectMapper. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/134639> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2017-17485](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17485>) \n**DESCRIPTION:** Jackson-databind could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the default-typing feature. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137340> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2017-15095](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095>) \n**DESCRIPTION:** Jackson Library could allow a remote attacker to execute arbitrary code on the system, caused by a deserialization flaw in the readValue() method of the ObjectMapper. By sending specially crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135123> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2014-0114](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114>) \n**DESCRIPTION:** Apache Struts could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the setting of Class Loader attributes. An attacker could exploit this vulnerability using the class parameter of an ActionForm object to manipulate the ClassLoader and execute arbitrary code on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92889> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [CVE-2018-1000199](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000199>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a ptrace() error handling flaw. By invoking the modify_user_hw_breakpoint() function, a local attacker could exploit this vulnerability to cause the kernel to crash. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142654> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-8897](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897>) \n**DESCRIPTION:** Multiple operating systems could allow a local authenticated attacker to gain elevated privileges on the system, caused by developer interpretation of hardware debug exception documentation for the MOV to SS and POP SS instructions. An attacker could exploit this vulnerability using operating system APIs to obtain sensitive memory information or control low-level operating system functions and other unexpected behavior. \nCVSS Base Score: 7 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142242> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-1091](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1091>) \n**DESCRIPTION:** Linux Kernel is vulnerable to a denial of service, caused by a missing processor feature check in the flush_tmregs_to_thread function. A local attacker could exploit this vulnerability to cause the guest kernel to crash. \nCVSS Base Score: 6.2 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140892> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-1087](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1087>) \n**DESCRIPTION:** Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by the improper handling of exceptions delivered after a stack switch operation using the MOV to SS and POP SS instructions by the KVM hypervisor. An attacker could exploit this vulnerability to gain elevated privileges or cause the guest to crash. \nCVSS Base Score: 8.4 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/142976> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-1068](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1068>) \n**DESCRIPTION:** Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an error in the implementation of 32 bit syscall interface. An attacker could exploit this vulnerability to gain root privileges on the system. \nCVSS Base Score: 8.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140403> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2017-16939](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16939>) \n**DESCRIPTION:** Linux Kernel could allow a remote attacker to gain elevated privileges on the system, caused by an use-after-free in the Netlink socket subsystem XFRM. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain privileges. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135317> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\n**CVEID:** [CVE-2018-10915](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10915>) \n**DESCRIPTION:** PostgreSQL could allow a remote attacker to bypass security restrictions, caused by an issue with improperly resting internal state in between connections in the libpq library. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass client-side connection security features. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148225> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\n**CVEID:** [CVE-2018-5740](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5740>) \n**DESCRIPTION:** ISC BIND is vulnerable to a denial of service, caused by a defect in the deny-answer-aliases feature. By triggering this defect, a remote attacker could exploit this vulnerability to cause an INSIST assertion failure in name.c. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148131> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2018-3693](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3693>) \n**DESCRIPTION:** Intel Haswell Xeon, AMD PRO and ARM Cortex A57 CPUs could allow a local authenticated attacker to obtain sensitive information, caused by a bounds check bypass in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks, an attacker could exploit this vulnerability to cross the syscall boundary and read data from the CPU virtual memory. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/146191> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-3646](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3646>) \n**DESCRIPTION:** Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker with guest OS privilege could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148319> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-3620](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620>) \n**DESCRIPTION:** Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by a flaw in the CPU speculative branch instruction execution feature. By conducting targeted cache side-channel attacks and via a terminal page fault, an attacker could exploit this vulnerability to leak information residing in the L1 data cache and read data belonging to different security contexts. Note: This vulnerability is also known as the \"L1 Terminal Fault (L1TF)\" or \"Foreshadow\" attack. \nCVSS Base Score: 7.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/148318> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1944](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1944>) \n**DESCRIPTION:** IBM Security Identity Governance Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. \nCVSS Base Score: 5.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153386> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1945](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1945>) \n**DESCRIPTION:** IBM Security Identity Governance Virtual Appliance could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153387> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2017-7957](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7957>) \n**DESCRIPTION:** XStream is vulnerable to a denial of service, caused by the improper handling of attempts to create an instance of the primitive type ''void'' during unmarshalling. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/125800> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n**CVEID:** [CVE-2016-3674](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3674>) \n**DESCRIPTION:** XStream could allow a remote attacker to obtain sensitive information, caused by an error when processing XML external entities. By sending specially-crafted XML data, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111806> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2013-7285](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7285>) \n**DESCRIPTION:** XStream could allow a remote attacker to execute arbitrary code on the system, caused by an error in the XMLGenerator API. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 6.8 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90229> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n**CVEID:** [CVE-2018-1946](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1946>) \n**DESCRIPTION:** IBM Security Identity Governance Virtual Appliance supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153388> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n**CVEID:** [CVE-2018-1947](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1947>) \n**DESCRIPTION:** IBM Security Identity Governance Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base Score: 6.1 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153427> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\n**CVEID:** [CVE-2018-1948](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1948>) \n**DESCRIPTION:** IBM Security Identity Governance Virtual Appliance does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153428> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-1949](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1949>) \n**DESCRIPTION:** IBM Security Identity Governance Virtual Appliance discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153429> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n**CVEID:** [CVE-2018-1950](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1950>) \n**DESCRIPTION:** IBM Security Identity Governance Virtual Appliance generates an error message that includes sensitive information about its environment, users, or associated data which could be used in further attacks against the system. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/153430> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\n## Affected Products and Versions\n\nIBM Security Identity Governance and Intelligence (IGI) 5.2, 5.2.1, 5.2.2, 5.2.2.1, 5.2.3, 5.2.3.1, 5.2.3.2, 5.2.4, 5.2.4.1\n\n## Remediation/Fixes\n\nProduct Name\n\n| VRMF | First Fix \n---|---|--- \nIGI | 5.2 | [5.2.5.0-ISS-ISIG-VA-FP0000](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.5.0&platform=Linux&function=all>) \nIGI | 5.2.1 | [5.2.5.0-ISS-ISIG-VA-FP0000](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.5.0&platform=Linux&function=all>) \nIGI | 5.2.2 | [5.2.5.0-ISS-ISIG-VA-FP0000](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.5.0&platform=Linux&function=all>) \nIGI | 5.2.2.1 | [5.2.5.0-ISS-ISIG-VA-FP0000](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.5.0&platform=Linux&function=all>) \nIGI | 5.2.3 | [5.2.5.0-ISS-ISIG-VA-FP0000](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.5.0&platform=Linux&function=all>) \nIGI | 5.2.3.1 | [5.2.5.0-ISS-ISIG-VA-FP0000](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.5.0&platform=Linux&function=all>) \nIGI | 5.2.3.2 | [5.2.5.0-ISS-ISIG-VA-FP0000](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.5.0&platform=Linux&function=all>) \nIGI | 5.2.4 | [5.2.5.0-ISS-ISIG-VA-FP0000](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.5.0&platform=Linux&function=all>) \nIGI | 5.2.4.1 | [5.2.5.0-ISS-ISIG-VA-FP0000](<https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Tivoli/IBM+Security+Identity+Governance&release=5.2.5.0&platform=Linux&function=all>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nIBM X-Force Ethical Hacking Team: Ron Craig, Warren Moynihan, Jonathan Fitz-Gerald, John Zuccato, Rodney Ryan, Chris Shepherd, Dmitriy Beryoza\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSGHJR\",\"label\":\"IBM Security Identity Governance and Intelligence\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF004\",\"label\":\"Appliance\"}],\"Version\":\"5.2, 5.2.1, 5.2.2, 5.2.2.1, 5.2.3, 5.2.3.1, 5.2.3.2,, 5.2.4, 5.2.4.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}] \n\n## Product Synonym\n\nIGI; IGA", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-18T14:10:01", "type": "ibm", "title": "Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1622", "CVE-2011-2730", "CVE-2011-4905", "CVE-2012-5784", "CVE-2012-6092", "CVE-2012-6551", "CVE-2013-0248", "CVE-2013-1879", "CVE-2013-1880", "CVE-2013-2172", "CVE-2013-2186", "CVE-2013-3060", "CVE-2013-4152", "CVE-2013-4517", "CVE-2013-6429", "CVE-2013-7285", "CVE-2013-7315", "CVE-2014-0050", "CVE-2014-0054", "CVE-2014-0114", "CVE-2014-1904", "CVE-2014-3576", "CVE-2014-3596", "CVE-2014-3600", "CVE-2014-3612", "CVE-2014-8110", "CVE-2015-1830", "CVE-2015-5182", "CVE-2015-5183", "CVE-2015-5184", "CVE-2015-5237", "CVE-2015-5254", "CVE-2015-6524", "CVE-2016-0330", "CVE-2016-0338", "CVE-2016-0339", "CVE-2016-0340", "CVE-2016-0357", "CVE-2016-0734", "CVE-2016-0782", "CVE-2016-1000031", "CVE-2016-3088", "CVE-2016-3092", "CVE-2016-3674", "CVE-2016-6810", "CVE-2016-9739", "CVE-2016-9878", "CVE-2017-15095", "CVE-2017-16939", "CVE-2017-17485", "CVE-2017-7525", "CVE-2017-7957", "CVE-2018-0124", "CVE-2018-0125", "CVE-2018-1000199", "CVE-2018-1068", "CVE-2018-1087", "CVE-2018-1091", "CVE-2018-10915", "CVE-2018-1270", "CVE-2018-1271", "CVE-2018-1272", "CVE-2018-1944", "CVE-2018-1945", "CVE-2018-1946", "CVE-2018-1947", "CVE-2018-1948", "CVE-2018-1949", "CVE-2018-1950", "CVE-2018-3620", "CVE-2018-3646", "CVE-2018-3693", "CVE-2018-5740", "CVE-2018-5968", "CVE-2018-7489", "CVE-2018-8897"], "modified": "2019-02-18T14:10:01", "id": "CD8271F1E3A620207AA3EAC35F944E1453EFEBC4728A88B9C3D9D0DA7F511F56", "href": "https://www.ibm.com/support/pages/node/872142", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}