Integration Bus@10.0.0.0 Security Vulnerabilities and Issues — Integration Bus@10.0.0.0 CVE List

Lucene search

IbmIntegration Bus10.0.0.0

5 matches found

CVE•added 2018/11/26 5:0 p.m.•49 views

CVE-2017-1418

IBM Integration Bus 9.0.0.0, 9.0.0.11, 10.0.0.0, and 10.0.0.14 (including IBM WebSphere Message Broker 8.0.0.0 and 8.0.0.9) has insecure permissions on certain files. A local attacker could exploit this vulnerability to modify or delete these files with an unknown impact. IBM X-Force ID: 127406.

5.5CVSS5.2AI score0.00037EPSS

CVE•added 2019/02/04 9:29 p.m.•44 views

CVE-2018-1801

IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13, IBM Integration Bus V9.0.0.0 through V9.0.0.10, and WebSphere Message Broker V8.0.0.0 through V8.0.0.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote atta...

5.3CVSS5.4AI score0.00275EPSS

CVE•added 2017/10/04 1:29 a.m.•40 views

CVE-2017-1126

IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could allow an unauthorized user to obtain sensitive information about software versions that could lead to further attacks. IBM X-Force ID: 121341.

5.3CVSS4.9AI score0.00186EPSS

CVE•added 2017/12/20 6:29 p.m.•36 views

CVE-2017-1694

IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. IBM X-Force ID: 134165.

8.1CVSS7.5AI score0.0013EPSS

CVE•added 2018/01/19 2:29 p.m.•32 views

CVE-2017-1693

IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to hijack another users session during a small timeframe before the session times out. IBM X-Force ID: 134164.

6.8CVSS5.3AI score0.00294EPSS