Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Daeja Viewone Security Vulnerabilities - January

cve
cve

CVE-2017-1209

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...

5.4CVSS

5.1AI Score

0.0005EPSS

2017-10-24 09:29 PM
31
cve
cve

CVE-2017-1210

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 could allow an unauthenticated attacker to inject data into log files made to look legitimate. IBM X-Force ID: 123850.

7.5CVSS

7.2AI Score

0.001EPSS

2017-10-24 09:29 PM
32
cve
cve

CVE-2017-1211

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 could disclose sensitive information to a local user when logging is enabled. IBM X-Force ID: 123851.

2.5CVSS

3.1AI Score

0.0004EPSS

2017-10-24 09:29 PM
23
cve
cve

CVE-2017-1212

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0.2 is vulnerable to a denial of service when viewing or opening a large file. IBM X-Force ID: 123852.

6.5CVSS

6.2AI Score

0.001EPSS

2017-10-24 09:29 PM
29
cve
cve

CVE-2017-1308

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5.1 and 5.0 could allow an authenticated attacker to download files they should not have access to due to improper access controls. IBM X-Force ID: 125462.

6.5CVSS

6.1AI Score

0.001EPSS

2017-07-13 03:29 PM
30
cve
cve

CVE-2018-1399

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5 and 5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. I...

5.4CVSS

5.1AI Score

0.001EPSS

2018-02-27 05:29 PM
19
cve
cve

CVE-2018-1835

IBM Daeja ViewONE Professional, Standard & Virtual 5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150514.

7.1CVSS

6.8AI Score

0.001EPSS

2018-11-02 03:29 PM
23
cve
cve

CVE-2019-4246

IBM Daeja ViewONE Virtual 5.0 through 5.0.6 could expose internal parameters to ViewONE clients that could be used in further attacks against the system. IBM X-Force ID: 159521.

5.3CVSS

4.9AI Score

0.001EPSS

2019-10-01 03:15 PM
37
cve
cve

CVE-2019-4260

IBM Daeja ViewONE Professional, Standard & Virtual 5.0 through 5.0.5 could allow an unauthorized user to download server files resulting in sensitive information disclosure. IBM X-Force ID: 160012.

5.3CVSS

4.6AI Score

0.001EPSS

2019-07-02 03:15 PM
67
cve
cve

CVE-2019-4456

IBM Daeja ViewONE Professional, Standard & Virtual 5.0.5 and 5.0.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 163620.

7.1CVSS

6.8AI Score

0.001EPSS

2019-07-30 02:15 PM
24