Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Bluemix
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-0391 1 Ibm 2 Bluemix, Watson Developer Cloud 2024-11-21 7.5 HIGH 9.8 CRITICAL
The IBM Watson Developer Cloud services on Bluemix platforms do not properly generate random numbers for service-instance credentials, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
CVE-2016-0323 1 Ibm 1 Bluemix 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
The Auto-Scaling agent in Liberty for Java in IBM Bluemix before 2.7-20160321-1358 allows remote authenticated users to disable X.509 certificate validation, and consequently bypass an intended HTTPS trust-management feature, via unspecified vectors.
CVE-2015-0178 1 Ibm 2 Bluemix, Liberty 2024-11-21 4.3 MEDIUM N/A
The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1122 for Java does not properly support WAR applications, which allows remote attackers to obtain sensitive information via unspecified vectors.