Platform Symphony@7.1.1 Security Vulnerabilities and Issues — Platform Symphony@7.1.1 CVE List

Lucene search

IbmPlatform Symphony7.1.1

5 matches found

CVE•added 2018/08/01 5:29 p.m.•45 views

CVE-2018-1595

IBM Spectrum Symphony and Platform Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to execute arbitrary commands due to improper handling of user supplied input. IBM X-Force ID: 143622.

8.8CVSS8.7AI score0.00229EPSS

CVE•added 2018/09/28 1:29 p.m.•36 views

CVE-2018-1702

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-F...

7.1CVSS6.8AI score0.00351EPSS

CVE•added 2018/09/28 1:29 p.m.•36 views

CVE-2018-1704

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to sp...

6.8CVSS5.1AI score0.00082EPSS

CVE•added 2018/10/11 12:29 p.m.•35 views

CVE-2018-1708

IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to obtain sensitive user information such as passwords through the WebUI. IBM X-Force ID: 146343.

6.5CVSS6AI score0.00177EPSS

CVE•added 2018/08/28 11:29 a.m.•33 views

CVE-2018-1705

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 contain an information disclosure vulnerability that could allow an authenticated attacker to obtain highly sensitive information. IBM X-Force ID: 146340.

6.5CVSS5.9AI score0.00177EPSS