Skip to main content
CVE-2021-29817 MEDIUM PATCH This Month

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Tivoli Netcool Omnibus Webgui
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-29809 MEDIUM PATCH This Month

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Tivoli Netcool Omnibus Webgui
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-29808 MEDIUM PATCH This Month

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Tivoli Netcool Omnibus Webgui
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-29807 MEDIUM PATCH This Month

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Tivoli Netcool Omnibus Webgui
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-29806 MEDIUM PATCH This Month

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

IBM XSS Tivoli Netcool Omnibus Webgui
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-29811 MEDIUM PATCH This Month

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 stores user credentials in plain clear text which can be read by an authenticated admin user. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

IBM Information Disclosure Tivoli Netcool Omnibus Webgui
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2021-38899 MEDIUM PATCH This Month

IBM Cloud Pak for Data 2.5 could allow a local user with special privileges to obtain highly sensitive information. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

IBM Information Disclosure Cloud Pak For Data
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-8561 MEDIUM This Month

A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Kubernetes
NVD GitHub VulDB
CVSS 3.1
4.1
EPSS
0.2%
CVE-2021-25740 LOW Monitor

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Kubernetes
NVD GitHub VulDB
CVSS 3.1
3.1
EPSS
0.5%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy