Connections@6.0 Security Vulnerabilities and Issues — Connections@6.0 CVE List

Lucene search

IbmConnections6.0

8 matches found

CVE•added 2019/06/14 3:29 p.m.•76 views

CVE-2019-4403

IBM Connections 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162264.

5.4CVSS5.2AI score0.00158EPSS

CVE•added 2018/06/04 5:29 p.m.•51 views

CVE-2017-1748

IBM Connections 5.0, 5.5, and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious W...

6.8CVSS5.8AI score0.0013EPSS

CVE•added 2017/12/11 9:29 p.m.•46 views

CVE-2017-1613

IBM Connections 6.0 could allow an unauthenticated remote attacker to gain unauthenticated or unauthorized access to non-sensitive Engagement Center template data. IBM X-Force ID: 132954.

5.3CVSS5.4AI score0.00323EPSS

CVE•added 2018/09/14 12:29 p.m.•43 views

CVE-2018-1791

IBM Connections 5.0, 5.5, and 6.0 is vulnerable to an External Service Interaction attack, caused by improper validation of a request property. By submitting suitable payloads, an attacker could exploit this vulnerability to induce the Connections server to attack other systems. IBM X-Force ID: 148...

4.9CVSS5AI score0.00166EPSS

CVE•added 2018/12/06 2:29 p.m.•42 views

CVE-2018-1935

IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated user to obtain sensitive information from invalid request error messages. IBM X-Force ID: 153315.

4.3CVSS4.1AI score0.00172EPSS

CVE•added 2017/12/11 9:29 p.m.•38 views

CVE-2017-1683

IBM Connections Engagement Center 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134005.

5.4CVSS5.2AI score0.0025EPSS

CVE•added 2018/12/07 4:29 p.m.•34 views

CVE-2018-1896

IBM Connections 5.0, 5.5, and 6.0 is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. IBM X-Force ID: 152456.

5.4CVSS5.5AI score0.00161EPSS

CVE•added 2018/02/14 3:29 p.m.•32 views

CVE-2017-1682

IBM Connections 4.0, 4.5, 5.0, 5.5, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134004...

5.4CVSS5.2AI score0.00198EPSS