Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-1201 | 1 Ibm | 1 Bigfix Security Compliance Analytics | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
| IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. IBM X-Force ID: 123676. | |||||
| CVE-2017-1197 | 1 Ibm | 1 Bigfix Security Compliance Analytics | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 123672. | |||||
| CVE-2017-1196 | 1 Ibm | 1 Bigfix Security Compliance Analytics | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123671. | |||||
| CVE-2017-1179 | 1 Ibm | 1 Bigfix Security Compliance Analytics | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431. | |||||
| CVE-2017-1178 | 1 Ibm | 1 Bigfix Security Compliance Analytics | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Endpoint Manager for Security and Compliance 1.9.70 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123430. | |||||