Lucene search
K
IbmRational Build Forge

4 matches found

CVE
CVE
added 2011/09/08 6:0 p.m.45 views

CVE-2011-3391

CVE-2011-3391 affects IBM Rational Build Forge 7.1.2. The flaw arises from relying on client-side JavaScript to enforce the EditSecurity permission for the Export Key File function. This allows remote authenticated users to read a key file by removing the disabled attribute in the Security submen...

4CVSS6.3AI score0.01152EPSS
CVE
CVE
added 2008/05/09 3:0 p.m.43 views

CVE-2008-2122

CVE-2008-2122 affects IBM Rational Build Forge 7.0.2. A port scan can trigger multiple bfagent server processes that attempt to read from closed sockets, causing CPU consumption and a DoS (availability impact). Public references describe the issue as remote, with the impact described as partial (...

7.5CVSS7.3AI score0.02334EPSS
CVE
CVE
added 2011/04/28 6:0 p.m.42 views

CVE-2011-1839

IBM Rational Build Forge 7.1.0 is vulnerable because it uses HTTP GET during redirection from the authentication servlet to a PHP script, enabling context-dependent attackers to discover session IDs by reading web-server access logs, Referer logs, or browser history. Affected component: the authe...

5CVSS6.7AI score0.01098EPSS
CVE
CVE
added 2011/02/16 1:0 a.m.39 views

CVE-2011-1034

The CVE-2011-1034 issue concerns IBM Rational Build Forge 7.0.2. The vulnerability is a Cross-site Scripting (XSS) in the UI, where an attacker can inject arbitrary script or HTML via the mod parameter to the fullcontrol program. The root cause is improper input handling in the UI component, enab...

4.3CVSS5.8AI score0.01223EPSS