» 2017 » 12월

CVE-2017-1481

Posted on 2017년 12월 8일2017년 12월 8일 by admin

CVE-2017-1481

IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user. IBM X-Force ID: 128619.

Source: CVE-2017-1481

CVE-2017-1487

Posted on 2017년 12월 8일2017년 12월 8일 by admin

CVE-2017-1487

IBM Sterling File Gateway 2.2 could allow an authenticated attacker to obtain sensitive information such as login ids on the system. IBM X-Force ID: 128626.

Source: CVE-2017-1487

CVE-2017-1482

Posted on 2017년 12월 8일2017년 12월 8일 by admin

CVE-2017-1482

IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128620.

Source: CVE-2017-1482

CVE-2017-1497

Posted on 2017년 12월 8일2017년 12월 8일 by admin

CVE-2017-1497

IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the file. IBM X-Force ID: 128695.

Source: CVE-2017-1497

CVE-2017-1498

Posted on 2017년 12월 8일2017년 12월 8일 by admin

CVE-2017-1498

IBM Connections 5.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 129020.

Source: CVE-2017-1498

CVE-2017-1341

Posted on 2017년 12월 8일2017년 12월 8일 by admin

CVE-2017-1341

IBM WebSphere MQ 8.0 and 9.0 could allow, under special circumstances, an unauthorized user to access an object which they should have been denied access. IBM X-Force ID: 126456.

Source: CVE-2017-1341

CVE-2017-1342

Posted on 2017년 12월 8일2017년 12월 8일 by admin

CVE-2017-1342

IBM Insights Foundation for Energy 2.0 could reveal sensitive information in error messages to authenticated users that could e used to conduct further attacks. IBM X-Force ID: 126457.

Source: CVE-2017-1342

CVE-2017-1353

Posted on 2017년 12월 8일2017년 12월 8일 by admin

CVE-2017-1353

IBM Atlas eDiscovery Process Management 6.0.3 could allow an authenticated attacker to obtain sensitive information when an unsuspecting user clicks on unsafe third-party links. IBM X-Force ID: 126680.

Source: CVE-2017-1353

CVE-2017-1354

Posted on 2017년 12월 8일2017년 12월 8일 by admin

CVE-2017-1354

IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126681.

Source: CVE-2017-1354

CVE-2017-1355

Posted on 2017년 12월 8일2017년 12월 8일 by admin

CVE-2017-1355

IBM Atlas eDiscovery Process Management 6.0.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126682.

Source: CVE-2017-1355