Lucene search
K

78 matches found

OSV
OSV
added 2016/11/30 11:59 a.m.4 views

CVE-2016-2952

IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP...

3.7CVSS5.8AI score0.01559EPSS
Exploits0References3
OSV
OSV
added 2016/11/30 11:59 a.m.2 views

CVE-2016-2951

IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data...

3.7CVSS5.8AI score0.0066EPSS
Exploits0References3
OSV
OSV
added 2016/11/30 11:59 a.m.3 views

CVE-2016-2948

IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors...

7.8CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2016/11/30 11:59 a.m.3 views

CVE-2016-2944

IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach...

9.8CVSS5.8AI score0.01539EPSS
Exploits0References3
NVD
NVD
added 2016/11/30 11:59 a.m.19 views

CVE-2016-2940

Multiple unspecified vulnerabilities in IBM BigFix Remote Control before 9.1.3 allow remote attackers to obtain sensitive information via unknown vectors...

5.3CVSS5.3AI score0.01262EPSS
Exploits0References3
OSV
OSV
added 2016/11/30 11:59 a.m.3 views

CVE-2016-2937

IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive information or spoof e-mail transmission via a crafted POST request, related to an "untrusted information vulnerability."...

6.5CVSS5.9AI score0.01254EPSS
Exploits0References3
NVD
NVD
added 2016/11/30 11:59 a.m.17 views

CVE-2016-2937

IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive information or spoof e-mail transmission via a crafted POST request, related to an "untrusted information vulnerability."...

6.5CVSS6.2AI score0.01254EPSS
Exploits0References3
NVD
NVD
added 2016/11/30 11:59 a.m.16 views

CVE-2016-2935

The broker application in IBM BigFix Remote Control before 9.1.3 allows remote attackers to cause a denial of service via an invalid HTTP request...

5.3CVSS5.3AI score0.01592EPSS
Exploits0References3
OSV
OSV
added 2016/11/30 11:59 a.m.2 views

CVE-2016-2933

Directory traversal vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated administrators to read arbitrary files via a crafted request...

6.8CVSS5.9AI score0.02759EPSS
Exploits0References3
OSV
OSV
added 2016/11/30 11:59 a.m.2 views

CVE-2016-2932

IBM BigFix Remote Control before 9.1.3 allows remote attackers to conduct XML injection attacks via unspecified vectors...

5.3CVSS5.8AI score
Exploits0References3
NVD
NVD
added 2016/11/30 11:59 a.m.22 views

CVE-2016-2932

IBM BigFix Remote Control before 9.1.3 allows remote attackers to conduct XML injection attacks via unspecified vectors...

5.3CVSS5.5AI score0.01438EPSS
Exploits0References3
Prion
Prion
added 2016/11/30 11:59 a.m.14 views

Design/Logic Flaw

Multiple unspecified vulnerabilities in IBM BigFix Remote Control before 9.1.3 allow remote attackers to obtain sensitive information via unknown vectors...

5CVSS6.8AI score0.01262EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/11/30 11:59 a.m.16 views

Directory traversal

Directory traversal vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated administrators to read arbitrary files via a crafted request...

6.8CVSS6.6AI score0.02759EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2016/11/30 11:59 a.m.4 views

CVE-2016-2949

IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by reading cached web pages from a different user's session...

3.3CVSS5.5AI score0.00309EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2016/11/30 11:59 a.m.1 views

CVE-2016-2951

IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data...

4.3CVSS5.6AI score0.0066EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2016/11/30 11:59 a.m.3 views

CVE-2016-2963

Cross-site request forgery CSRF vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...

8.8CVSS5.8AI score0.00629EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2016/11/30 11:59 a.m.2 views

CVE-2016-2952

IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by leveraging use of HTTP...

4.3CVSS5.6AI score0.01559EPSS
Exploits0References4
Prion
Prion
added 2016/11/30 11:59 a.m.15 views

Session fixation

IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by reading cached web pages from a different user's session...

2.1CVSS6.1AI score0.00309EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2016/11/30 11:59 a.m.16 views

Design/Logic Flaw

IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file...

1.9CVSS6AI score0.00274EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2016/11/30 11:59 a.m.3 views

CVE-2016-2948

IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors...

7.8CVSS5.5AI score0.00281EPSS
Exploits0References4
Rows per page
Query Builder