Lucene search
+L

36 matches found

Prion
Prion
added 2015/02/13 2:59 a.m.19 views

Directory traversal

Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. dot dot in a U...

7.8CVSS7.1AI score0.03517EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2015/02/13 2:0 a.m.48 views

CVE-2014-6154

CVE-2014-6154 is a directory-traversal vulnerability in IBM Optim Performance Manager for DB2 (versions 4.1.0.1–4.1.1) and IBM InfoSphere Optim Performance Manager for DB2 (versions 5.1–5.3.1), applicable on Linux, UNIX, and Windows. A remote attacker can obtain arbitrary file contents by supplyi...

7.8CVSS6.8AI score0.03517EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/02/13 2:0 a.m.26 views

CVE-2014-6154

Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. dot dot in a U...

6.6AI score0.03517EPSS
Exploits0References2
NVD
NVD
added 2013/09/25 10:31 a.m.21 views

CVE-2013-4025

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it easier for remote attackers to obtain...

1.9CVSS6.4AI score0.00479EPSS
Exploits0References2
NVD
NVD
added 2013/09/25 10:31 a.m.19 views

CVE-2013-4024

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x support HTTP access to the Web Console, which allows remote attackers to read session cookies by sniffing the network...

4.3CVSS6.4AI score0.01066EPSS
Exploits0References2
NVD
NVD
added 2013/09/25 10:31 a.m.15 views

CVE-2013-4022

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x store unspecified authentication information in a cookie, which allows remote authenticated users to bypass intended access...

3.5CVSS6AI score0.00922EPSS
Exploits0References2
Prion
Prion
added 2013/09/25 10:31 a.m.16 views

Design/Logic Flaw

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x support HTTP access to the Web Console, which allows remote attackers to read session cookies by sniffing the network...

4.3CVSS6.9AI score0.01066EPSS
Exploits0References2Affected Software4
Prion
Prion
added 2013/09/25 10:31 a.m.11 views

Design/Logic Flaw

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x store unspecified authentication information in a cookie, which allows remote authenticated users to bypass intended access...

3.5CVSS6.5AI score0.00922EPSS
Exploits0References2Affected Software4
Prion
Prion
added 2013/09/25 10:31 a.m.12 views

Design/Logic Flaw

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it easier for remote attackers to obtain...

1.9CVSS6.9AI score0.00479EPSS
Exploits0References2Affected Software4
CVE
CVE
added 2013/09/25 10:0 a.m.46 views

CVE-2013-4025

CVE-2013-4025 affects IBM Data Studio Web Console (3.x before 3.2), Optim Performance Manager (5.x before 5.2), InfoSphere Optim Configuration Manager (2.x before 2.2), and DB2 Recovery Expert (2.x). The root cause is lack of an off autocomplete attribute on the login-password field, enabling an ...

1.9CVSS6.6AI score0.00479EPSS
Exploits0References2Affected Software4
CVE
CVE
added 2013/09/25 10:0 a.m.52 views

CVE-2013-4024

CVE-2013-4024 affects IBM Data Studio Web Console (3.x before 3.2), Optim Performance Manager (5.x before 5.2), InfoSphere Optim Configuration Manager (2.x before 2.2), and DB2 Recovery Expert (2.x). The issue arises from the Web Console serving over HTTP, allowing remote attackers to read sessio...

4.3CVSS6.6AI score0.01066EPSS
Exploits0References2Affected Software4
CVE
CVE
added 2013/09/25 10:0 a.m.43 views

CVE-2013-4022

CVE-2013-4022 affects IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert. A flaw stores unspecified authentication information in cookies, enabling remote authenticated users to bypass access restrictions via unknown vectors...

3.5CVSS6.1AI score0.00922EPSS
Exploits0References2Affected Software4
Cvelist
Cvelist
added 2013/09/25 10:0 a.m.25 views

CVE-2013-4025

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x do not have an off autocomplete attribute for the login-password field, which makes it easier for remote attackers to obtain...

6.4AI score0.00479EPSS
Exploits0References2
Cvelist
Cvelist
added 2013/09/25 10:0 a.m.20 views

CVE-2013-4022

IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x store unspecified authentication information in a cookie, which allows remote authenticated users to bypass intended access...

6AI score0.00922EPSS
Exploits0References2
Prion
Prion
added 2013/08/22 10:55 p.m.14 views

Directory traversal

Directory traversal vulnerability in IBM Optim Performance Manager 4.1.1 and IBM InfoSphere Optim Performance Manager 5.x before 5.2 allows remote authenticated users to read arbitrary files via a crafted URL...

4CVSS6.5AI score0.01441EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2013/08/22 10:0 p.m.42 views

CVE-2013-2979

CVE-2013-2979 is a directory traversal vulnerability in IBM Optim Performance Manager (OPM) for DB2, affecting IBM 4.1.0–4.1.1 and 5.1–5.1.1.x. A remotely authenticated attacker could craft a URL to traverse directories and read sensitive files outside the installation directory if the server pro...

4CVSS6.2AI score0.01441EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder