Spectrum Symphony Security Vulnerabilities and Issues — Spectrum Symphony CVE List

Lucene search

IbmSpectrum Symphony

4 matches found

CVE•added 2023/03/10 9:15 p.m.•45 views

CVE-2023-24975

IBM Spectrum Symphony 7.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: ...

6.1CVSS5.7AI score0.00069EPSS

CVE•added 2018/09/28 1:29 p.m.•36 views

CVE-2018-1704

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to sp...

6.8CVSS5.1AI score0.00082EPSS

CVE•added 2018/10/11 12:29 p.m.•35 views

CVE-2018-1708

IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to obtain sensitive user information such as passwords through the WebUI. IBM X-Force ID: 146343.

6.5CVSS6AI score0.00177EPSS

CVE•added 2018/08/28 11:29 a.m.•33 views

CVE-2018-1705

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 contain an information disclosure vulnerability that could allow an authenticated attacker to obtain highly sensitive information. IBM X-Force ID: 146340.

6.5CVSS5.9AI score0.00177EPSS