Bigfix Platform@9.2.5 Security Vulnerabilities and Issues — Bigfix Platform@9.2.5 CVE List

Lucene search

IbmBigfix Platform9.2.5

4 matches found

CVE•added 2016/09/01 1:59 a.m.•51 views

CVE-2016-0293

Cross-site scripting (XSS) vulnerability in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.1.8 and 9.2.x before 9.2.8 allows remote attackers to inject arbitrary web script or HTML via a modified .beswrpt file.

6.1CVSS5.8AI score0.00225EPSS

CVE•added 2017/07/19 8:29 p.m.•50 views

CVE-2017-1219

IBM Tivoli Endpoint Manager is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 123859.

6.5CVSS7.7AI score0.00537EPSS

CVE•added 2016/07/15 6:59 p.m.•48 views

CVE-2016-0269

Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x before 9.1.8 and 9.2.x before 9.2.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

5.4CVSS4.9AI score0.00168EPSS

CVE•added 2017/07/19 8:29 p.m.•47 views

CVE-2017-1203

IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...

6.1CVSS6.7AI score0.00307EPSS