Lucene search

K
IbmPlatform Symphony7.1.1

5 matches found

CVE
CVE
added 2018/08/01 5:29 p.m.45 views

CVE-2018-1595

IBM Spectrum Symphony and Platform Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to execute arbitrary commands due to improper handling of user supplied input. IBM X-Force ID: 143622.

8.8CVSS8.7AI score0.00229EPSS
CVE
CVE
added 2018/09/28 1:29 p.m.36 views

CVE-2018-1702

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-F...

7.1CVSS6.8AI score0.00351EPSS
CVE
CVE
added 2018/09/28 1:29 p.m.36 views

CVE-2018-1704

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to sp...

6.8CVSS5.1AI score0.00082EPSS
CVE
CVE
added 2018/10/11 12:29 p.m.35 views

CVE-2018-1708

IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to obtain sensitive user information such as passwords through the WebUI. IBM X-Force ID: 146343.

6.5CVSS6AI score0.00177EPSS
CVE
CVE
added 2018/08/28 11:29 a.m.33 views

CVE-2018-1705

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 contain an information disclosure vulnerability that could allow an authenticated attacker to obtain highly sensitive information. IBM X-Force ID: 146340.

6.5CVSS5.9AI score0.00177EPSS