Lucene search
K
IbmCloud Automation Manager

4 matches found

CVE
CVE
added 2019/08/29 3:0 p.m.43 views

CVE-2019-4133

CVE-2019-4133 affects IBM Cloud Automation Manager 3.1.2. The concurrent documents confirm a client-side attacker with access to the user’s machine could execute a custom script due to an insecure Content-Security-Policy header. Exploitation details are not provided beyond this, but the IBM secur...

5.2CVSS5AI score0.0032EPSS
CVE
CVE
added 2020/02/05 3:20 p.m.42 views

CVE-2019-4616

CVE-2019-4616 affects IBM Cloud Automation Manager 3.2.1.0, where authorization tokens and session cookies lack the Secure attribute, allowing cookie values to be exposed when users click http links or visit malicious sites. The vulnerability is documented across multiple sources (NVD/NVD-derived...

4.3CVSS3.6AI score0.00309EPSS
CVE
CVE
added 2019/08/29 3:0 p.m.41 views

CVE-2019-4132

IBM Cloud Automation Manager 3.1.2 is affected by an improper redirection vulnerability when a bad API path is requested, which could disclose sensitive information instead of returning a 404. The issue is due to redirection instead of proper error handling. Affected product/version: IBM Cloud Au...

4CVSS3.6AI score0.00351EPSS
CVE
CVE
added 2020/03/16 3:25 p.m.40 views

CVE-2019-4617

IBM Cloud Automation Manager 3.2.1.0 is affected by CVE-2019-4617: it does not renew the session variable after successful authentication, enabling session fixation/hijacking where a user could be forced to use a cookie potentially known to an attacker. The IBM Security Bulletin confirms the vuln...

5.9CVSS4.6AI score0.00312EPSS