40 matches found
Security feature bypass
IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, does not encrypt login requests, which allows remote attackers to obtain sensitive information by sniffing the...
Cross site scripting
Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML...
Sql injection
SQL injection vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to execute arbitrary SQL commands via unspecified...
Cross site scripting
Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML...
CVE-2013-6303
CVE-2013-6303 is a directory traversal vulnerability in IBM Algo One components: MetaData Management Tools (UDS 4.7.0–5.0.0), Algo Security Access Control Management (ACSWeb 4.7.0–4.9.0), and AlgoWebApps (ACSWeb 5.0.0). The underlying issue allows remote authenticated users to read arbitrary file...
CVE-2013-6302
CVE-2013-6302 is a SQL injection vulnerability affecting IBM Algo One as used in MetaData Management Tools (UDS 4.7.0–5.0.0), ACSWeb in Algo Security Access Control Management (4.7.0–4.9.0), and ACSWebApps (5.0.0). The underlying issue allows remote authenticated users to execute arbitrary SQL vi...
CVE-2013-6301
CVE-2013-6301 is an XSS vulnerability in IBM Algo One used by MetaData Management Tools in UDS 4.7.0–5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0–4.9.0, and ACSWeb in AlgoWebApps 5.0.0. It allows remote authenticated users to inject arbitrary web script or HTML via unspecified v...
CVE-2013-6299
Technical details for CVE-2013-6299 are not publicly available in the provided documents. Monitor for updates from official advisories.
CVE-2013-6331
IBM Algo One contains a SQL injection vulnerability (CVE-2013-6331) in the MetaData Management Tools and related components (UDS 4.7.0–5.0.0; Algo Security Access Control Management 4.7.0–4.9.0; AlgoWebApps 5.0.0). The issue allows remote authenticated users to execute arbitrary SQL commands via ...
CVE-2013-6333
CVE-2013-6333 describes a cross-site scripting (XSS) vulnerability in IBM Algo One , as implemented in the MetaData Management Tools in UDS 4.7.0–5.0.0 , the ACSWeb in Algo Security Access Control Management 4.7.0–4.9.0 , and ACSWeb in AlgoWebApps 5.0.0 . The issue permits remote authenticated us...
CVE-2013-6318
CVE-2013-6318 is an XSS vulnerability affecting IBM Algo One components: MetaData Management Tools in UDS 4.7.0–5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0–4.9.0, and ACSWeb in AlgoWebApps 5.0.0. It enables remote attackers to inject arbitrary web script or HTML via unspecified...
CVE-2013-5468
IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, does not encrypt login requests, which allows remote attackers to obtain sensitive information by sniffing the...
CVE-2013-6301
Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML...
CVE-2013-6303
Directory traversal vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to read arbitrary files via unspecified...
CVE-2013-6302
SQL injection vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to execute arbitrary SQL commands via unspecified...
CVE-2013-6318
Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote attackers to inject arbitrary web script or HTML via...
CVE-2013-6320
Cross-site scripting XSS vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML...
CVE-2013-5468
CVE-2013-5468 affects IBM Algo One usage in MetaData Management Tools (UDS 4.7.0–5.0.0) and AlgoWeb components (ACSWeb 4.7.0–4.9.0; AlgoWebApps 5.0.0). The common issue is that login requests are not encrypted, enabling remote attackers to sniff sensitive data on the network. Connected documents ...
Cisco Secure Access Control System Version
The remote host is running Cisco Secure Access Control System ACS, an access control management and appliance system. It is possible to get the ACS version number via SSH. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69133; scriptversion"1.5";...
TWSL2011-017: Multiple Vulnerabilities in Merethis Centreon
Trustwave's SpiderLabs Security Advisory TWSL2011-017: Multiple Vulnerabilities in Merethis Centreon https://www.trustwave.com/spiderlabs/advisories/TWSL2011-017.txt Published: 2011-11-04 Version: 1.0 Vendor: Merethis http://www.merethis.com and http://www.centreon.com Product: Centreon Version...