Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
IbmInfosphere Optim Data Growth For Oracle E-business Suite

9 matches found

CVE
CVEadded 2013/05/27 2:55 p.m.40 views

CVE-2013-2953

IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 relies on the MD5 algorithm for signatures in X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof SSL servers via a crafted certificate.

4.3CVSS6AI score0.00123EPSS
CVE
CVEadded 2013/05/27 2:55 p.m.37 views

CVE-2013-2957

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00166EPSS
CVE
CVEadded 2013/05/27 2:55 p.m.36 views

CVE-2013-2955

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, related to a stored XSS issue.

3.5CVSS4.5AI score0.00166EPSS
CVE
CVEadded 2013/10/10 10:55 a.m.34 views

CVE-2013-0577

The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote authenticated users to bypass intended access restrictions and create, modify, or delete documents or scripts via unspecified vectors.

5.2CVSS5.9AI score0.00089EPSS
CVE
CVEadded 2013/05/27 2:55 p.m.33 views

CVE-2013-2959

The Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 does not provide an encrypted session for transmitting login credentials, which allows remote attackers to obtain sensitive information by sniffing the network.

5CVSS5.9AI score0.00225EPSS
CVE
CVEadded 2013/05/27 2:55 p.m.32 views

CVE-2013-2954

The login page in the Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 does not limit the number of incorrect authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

5CVSS6.5AI score0.00254EPSS
CVE
CVEadded 2013/05/27 2:55 p.m.28 views

CVE-2013-2956

SQL injection vulnerability in the Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5CVSS8.2AI score0.00325EPSS
CVE
CVEadded 2013/10/10 10:55 a.m.26 views

CVE-2013-0580

Cross-site request forgery (CSRF) vulnerability in the Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote authenticated users to hijack the authentication of arbitrary users.

4.9CVSS6.6AI score0.00091EPSS
CVE
CVEadded 2013/10/10 10:55 a.m.25 views

CVE-2013-0579

The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote attackers to impersonate arbitrary users by leveraging access to a legitimate user's web browser either (1) before or (2) after authentication.

4.3CVSS6.5AI score0.00196EPSS