Lucene search
K
IbmControl Center

9 matches found

CVE
CVE
added 2025/01/25 1:33 p.m.85 views

CVE-2024-35114

CVE-2024-35114 affects IBM Control Center versions 6.2.1 and 6.3.1. The vulnerability, described as CWE-204 (Observable Response Discrepancy), could allow a remote attacker to enumerate usernames due to observable differences in login attempts. The IBM Security Bulletin (IBM Sterling Control Cent...

5.3CVSS5.2AI score0.00359EPSS
CVE
CVE
added 2021/05/19 7:40 p.m.76 views

CVE-2021-20529

IBM Sterling Control Center (IBM Control Center) vulnerability CVE-2021-20529: information disclosure in version 6.2.0.0 that could reveal sensitive version data, enabling further targeted attacks. CVSS v3.1/3.0 scores ~5.3 (MEDIUM). Remediation: apply iFix08 for 6.2.0.0. Other documents corrobor...

5.3CVSS4.8AI score0.00944EPSS
CVE
CVE
added 2021/05/19 7:40 p.m.75 views

CVE-2021-20528

CVE-2021-20528 affects IBM Control Center 6.2.0.0. The issue is a cross-site scripting vulnerability in the Web UI that could allow an attacker to embed arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Remediation provided by IBM is iFix08 for 6.2.0.0;...

5.4CVSS5.2AI score0.00495EPSS
CVE
CVE
added 2025/01/25 1:31 p.m.61 views

CVE-2024-35112

IBM Sterling Control Center (IBM Control Center) versions 6.2.1 and 6.3.1 are affected by CVE-2024-35112. The issue stems from improper handling of error messages, where detailed browser error responses could disclose sensitive information, aided by a vulnerability in neutralizing script-related ...

5.4CVSS5.2AI score0.00293EPSS
CVE
CVE
added 2025/01/25 1:32 p.m.59 views

CVE-2024-35113

IBM Sterling/Control Center (IBM Control Center) versions 6.2.1 and 6.3.1 are affected by a directory listing information disclosure vulnerability (CVE-2024-35113). An authenticated user could obtain sensitive information exposed via directory listings. Evidence from IBM Security Bulletin and ven...

6.5CVSS4.3AI score0.00311EPSS
CVE
CVE
added 2025/01/25 1:29 p.m.58 views

CVE-2024-35111

IBM Sterling Control Center (IBM Control Center) versions 6.2.1 and 6.3.1 are affected by CVE-2024-35111, which could allow a remote attacker to obtain sensitive information via a browser-delivered detailed technical error message (CWE-209). Affected products and versions are IBM Control Center 6...

4.3CVSS4.3AI score0.00344EPSS
CVE
CVE
added 2018/02/21 9:0 p.m.53 views

CVE-2017-1758

CVE-2017-1758 is an XML External Entity Injection (XXE) vulnerability affecting IBM Financial Transaction Manager for ACH Services for Multi-Platform and related IBM products (Control Center, Transformation Extender Advanced) per IBM advisories. Connected documents enumerate affected software and...

7.1CVSS6.8AI score0.01635EPSS
CVE
CVE
added 2025/03/07 4:55 p.m.51 views

CVE-2023-43052

IBM Control Center versions 6.2.1–6.3.1 are affected by an External Service Interaction (DNS) vulnerability due to improper input validation. A remote attacker can induce server-side DNS lookups or HTTP requests to arbitrary domains, enabling the app server to contact other systems. The IBM Secur...

5.3CVSS7AI score0.00338EPSS
CVE
CVE
added 2016/07/08 1:0 a.m.46 views

CVE-2016-0252

IBM Control Center and Sterling Control Center are affected by CVE-2016-0252. Affected: IBM Control Center 5.4.0–5.4.2.1 iFix08 and 6.0.0.0–6.0.0.1 iFix05. Root cause: vulnerability allows a local attacker to decrypt the master key under certain conditions, potentially enabling decryption of appl...

5.1CVSS4.9AI score0.00259EPSS