CVE-2017-1177
- EPSS 0.14%
- Published 05.02.2019 18:29:00
- Last modified 21.11.2024 03:21:26
IBM BigFix Compliance 1.7 through 1.9.91 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 123429.
CVE-2017-1198
- EPSS 0.16%
- Published 05.02.2019 18:29:00
- Last modified 21.11.2024 03:21:28
IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history....
CVE-2017-1200
- EPSS 0.08%
- Published 05.02.2019 18:29:00
- Last modified 21.11.2024 03:21:29
IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) does not validate, or incorrectly validates, a certificate.This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. The software might co...
CVE-2017-1202
- EPSS 0.09%
- Published 05.02.2019 18:29:00
- Last modified 21.11.2024 03:21:29
IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hos...