Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product System Networking Switch Center
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-7820 2 Ibm, Lenovo 2 System Networking Switch Center, Switch Center 2024-11-21 7.1 HIGH N/A
Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide ZipDownload.jsp input containing directory traversal sequences to read arbitrary files, via a request to port 40080 or 40443.
CVE-2015-7819 2 Ibm, Lenovo 2 System Networking Switch Center, Switch Center 2024-11-21 5.0 MEDIUM N/A
The DB service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain sensitive administrator-account information via a request on port 40999, as demonstrated by an improperly encrypted password.
CVE-2015-7818 2 Ibm, Lenovo 2 System Networking Switch Center, Switch Center 2024-11-21 7.2 HIGH N/A
The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows local users to execute arbitrary JSP code with SYSTEM privileges by using the Apache Axis AdminService deployment method to install a .jsp file.
CVE-2015-7817 2 Ibm, Lenovo 2 System Networking Switch Center, Switch Center 2024-11-21 7.1 HIGH N/A
Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access, and consequently provide FileReader.jsp input containing directory traversal sequences to read arbitrary text files, via a request to port 40080 or 40443.