3 matches found
CVE-2017-1202
CVE-2017-1202 affects IBM BigFix Compliance 1.7–1.9.91 (TEMA SUAv1 SCA SCM). The vulnerability is HTML injection that could allow a remote attacker to inject HTML code, which would execute in the victim’s browser within the hosting site’s security context when viewed. No exploitation details or p...
CVE-2017-1198
CVE-2017-1198 affects IBM BigFix Compliance 1.7–1.9.91 (TEMA SUAv1 SCA SCM). The underlying issue is that sensitive information is stored in URL parameters, enabling potential information disclosure if URLs are exposed in server logs, referrer headers, or browser history. The NVD entry notes expl...
CVE-2017-1196
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 is affected by a weak default password policy (CVE-2017-1196). The issue, documented across multiple sources (NVD/Nessus/CNVD), states that the product does not require strong passwords by default, enabling an attacker to compromise user accounts ...