Infosphere Biginsights@2.1.0.0 Security Vulnerabilities and Issues — Infosphere Biginsights@2.1.0.0 CVE List

Lucene search

IbmInfosphere Biginsights2.1.0.0

3 matches found

CVE•added 2014/03/26 10:55 a.m.•43 views

CVE-2013-3997

Open redirect vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights 1.1 and 2.x before 2.1 FP2 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

4.9CVSS6.2AI score0.0016EPSS

CVE•added 2014/08/17 11:55 p.m.•43 views

CVE-2014-0905

IBM InfoSphere BigInsights 2.0 through 2.1.2 does not set the secure flag for the LTPA cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

2.9CVSS6.5AI score0.0011EPSS

CVE•added 2014/03/26 10:55 a.m.•38 views

CVE-2013-3998

CRLF injection vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights 1.1 and 2.x before 2.1 FP2 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

3.5CVSS6.4AI score0.00166EPSS