Ibm

Rational Focal Point

9 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2014-0841

  • EPSS 0.02%
  • Published 27.04.2018 16:29:00
  • Last modified 21.11.2024 02:02:53

IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack. IBM X-Force ID: 90704.

4

CVE-2014-0839

  • EPSS 0.15%
  • Published 26.02.2014 01:29:36
  • Last modified 11.04.2025 00:51:21

IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to modify data via vectors involving a direct object reference.

3.5

CVE-2014-0840

  • EPSS 0.25%
  • Published 26.02.2014 01:29:36
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

5

CVE-2014-0842

  • EPSS 0.23%
  • Published 26.02.2014 01:29:36
  • Last modified 11.04.2025 00:51:21

The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 places the new user's default password within the creation page, which allows remote attackers to obtain sensitive information by rea...

3.5

CVE-2014-0843

  • EPSS 0.25%
  • Published 26.02.2014 01:29:36
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file.

3.5

CVE-2014-0853

  • EPSS 0.19%
  • Published 26.02.2014 01:29:36
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in the (1) ForwardController and (2) AttributeEditor scripts in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allow remote authenticated users to inject arbitrary we...

3.3

CVE-2013-5397

  • EPSS 0.11%
  • Published 18.12.2013 16:04:33
  • Last modified 11.04.2025 00:51:21

Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1...

3.3

CVE-2013-5398

  • EPSS 0.11%
  • Published 18.12.2013 16:04:33
  • Last modified 11.04.2025 00:51:21

Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1...

4.3

CVE-2013-3025

  • EPSS 0.24%
  • Published 17.10.2013 00:55:03
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Focal Point 6.5.x and 6.6.x before 6.6.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.