Bigfix Security Compliance Analytics@1.9.70 Security Vulnerabilities and Issues — Bigfix Security Compliance Analytics@1.9.70 CVE List

Lucene search

IbmBigfix Security Compliance Analytics1.9.70

4 matches found

CVE•added 2017/06/07 5:29 p.m.•45 views

CVE-2017-1178

IBM Endpoint Manager for Security and Compliance 1.9.70 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

6.1CVSS6AI score0.00282EPSS

CVE•added 2017/06/07 5:29 p.m.•45 views

CVE-2017-1196

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123671.

9.8CVSS8.9AI score0.00312EPSS

CVE•added 2017/06/08 9:29 p.m.•43 views

CVE-2017-1179

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431.

5.9CVSS6.3AI score0.00137EPSS

CVE•added 2017/06/15 1:29 p.m.•37 views

CVE-2017-1197

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 123672.

9.8CVSS8.8AI score0.00365EPSS