Lucene search

K
IbmTivoli Application Dependency Discovery Manager

22 matches found

CVE
CVE
added 2013/07/23 11:3 a.m.213 views

CVE-2013-4002

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlie...

7.1CVSS6.7AI score0.01422EPSS
CVE
CVE
added 2024/02/02 2:15 p.m.68 views

CVE-2023-47142

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267.

8.8CVSS7.5AI score0.0004EPSS
CVE
CVE
added 2014/10/31 10:55 a.m.43 views

CVE-2014-6150

Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00188EPSS
CVE
CVE
added 2025/01/23 6:15 p.m.43 views

CVE-2025-23227

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials discl...

6.4CVSS5.9AI score0.00031EPSS
CVE
CVE
added 2018/05/24 9:29 p.m.41 views

CVE-2013-3018

The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354.

5.3CVSS4.9AI score0.00139EPSS
CVE
CVE
added 2024/02/02 1:15 p.m.39 views

CVE-2023-47143

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cac...

10CVSS8.7AI score0.00103EPSS
CVE
CVE
added 2024/02/02 1:15 p.m.39 views

CVE-2023-47144

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a truste...

6.1CVSS5.8AI score0.00151EPSS
CVE
CVE
added 2013/03/06 1:10 p.m.38 views

CVE-2012-5939

Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00188EPSS
CVE
CVE
added 2018/05/24 9:29 p.m.37 views

CVE-2013-3023

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361.

8.1CVSS7.6AI score0.00288EPSS
CVE
CVE
added 2014/01/29 5:37 a.m.36 views

CVE-2013-2974

The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration privileges, and consequently create or delete reports or conduct SQL injection attacks, via crafted...

7.5CVSS7.2AI score0.00152EPSS
CVE
CVE
added 2014/07/01 6:55 p.m.36 views

CVE-2013-3004

Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read arbitrary files via unspecified vectors.

3.5CVSS6.2AI score0.00142EPSS
CVE
CVE
added 2019/02/04 9:29 p.m.36 views

CVE-2018-1675

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could expose password hashes in stored in system memory on target systems that are configured to use TADDM. IBM X-Force ID: 145110.

7.5CVSS7.2AI score0.00206EPSS
CVE
CVE
added 2013/03/06 1:10 p.m.35 views

CVE-2012-5770

The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic via a brute-force attack.

5.8CVSS6.3AI score0.00259EPSS
CVE
CVE
added 2014/10/31 10:55 a.m.35 views

CVE-2014-6148

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted UR...

3.5CVSS5.9AI score0.00171EPSS
CVE
CVE
added 2014/10/29 10:55 a.m.34 views

CVE-2014-6149

Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to read arbitrary files via unspecified vectors.

5CVSS6.2AI score0.00659EPSS
CVE
CVE
added 2017/04/14 4:59 p.m.33 views

CVE-2016-8925

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. IBM X-Force ID: 118538.

6.8CVSS6.2AI score0.0021EPSS
CVE
CVE
added 2017/04/14 4:59 p.m.33 views

CVE-2016-8927

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. ...

5.4CVSS5.4AI score0.00227EPSS
CVE
CVE
added 2018/08/15 3:29 p.m.33 views

CVE-2018-1455

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 11029.

8.8CVSS8.4AI score0.0018EPSS
CVE
CVE
added 2013/03/06 1:10 p.m.32 views

CVE-2012-5942

Cross-site scripting (XSS) vulnerability in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors.

3.5CVSS5.3AI score0.00188EPSS
CVE
CVE
added 2018/07/09 6:29 p.m.32 views

CVE-2013-3017

IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. IBM X-Force ID: 84353.

7.5CVSS7.3AI score0.00253EPSS
CVE
CVE
added 2018/05/01 6:29 p.m.32 views

CVE-2013-4040

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176.

5.5CVSS5AI score0.00035EPSS
CVE
CVE
added 2017/04/14 4:59 p.m.29 views

CVE-2016-8926

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. IBM X-Force ID: 118539.

4.3CVSS4.8AI score0.00155EPSS