Ibm

Rational Focal Point

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2014-0841

  • EPSS 0.02%
  • Veröffentlicht 27.04.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 02:02:53

IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. IBM X-Force ID: 90704.

4

CVE-2014-0839

  • EPSS 0.15%
  • Veröffentlicht 26.02.2014 01:29:36
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to modify data via vectors involving a direct object reference.

3.5

CVE-2014-0840

  • EPSS 0.25%
  • Veröffentlicht 26.02.2014 01:29:36
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

5

CVE-2014-0842

  • EPSS 0.23%
  • Veröffentlicht 26.02.2014 01:29:36
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 places the new user's default password within the creation page, which allows remote attackers to obtain sensitive information by rea...

3.5

CVE-2014-0843

  • EPSS 0.25%
  • Veröffentlicht 26.02.2014 01:29:36
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file.

3.5

CVE-2014-0853

  • EPSS 0.19%
  • Veröffentlicht 26.02.2014 01:29:36
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in the (1) ForwardController and (2) AttributeEditor scripts in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary we...

3.3

CVE-2013-5397

  • EPSS 0.11%
  • Veröffentlicht 18.12.2013 16:04:33
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1...

3.3

CVE-2013-5398

  • EPSS 0.11%
  • Veröffentlicht 18.12.2013 16:04:33
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1...

4.3

CVE-2013-3025

  • EPSS 0.24%
  • Veröffentlicht 17.10.2013 00:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Focal Point 6.5.x and 6.6.x before 6.6.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.