Skip to main content

Bigfix Security Compliance Analytics

5 CVEs product

Monthly

CVE-2017-1201 HIGH This Week

IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Bigfix Security Compliance Analytics
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2017-1197 CRITICAL Act Now

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Bigfix Security Compliance Analytics
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2017-1179 MEDIUM PATCH This Month

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Bigfix Security Compliance Analytics
NVD
CVSS 3.0
5.9
EPSS
0.1%
CVE-2017-1196 CRITICAL Act Now

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Brute Force IBM Information Disclosure Bigfix Security Compliance Analytics
NVD
CVSS 3.0
9.8
EPSS
0.3%
CVE-2017-1178 MEDIUM This Month

IBM Endpoint Manager for Security and Compliance 1.9.70 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS IBM Bigfix Security Compliance Analytics
NVD
CVSS 3.0
6.1
EPSS
0.3%
EPSS 0% CVSS 7.8
HIGH This Week

IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Bigfix Security Compliance Analytics
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Bigfix Security Compliance Analytics
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

IBM Information Disclosure Bigfix Security Compliance Analytics
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Brute Force IBM Information Disclosure +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

IBM Endpoint Manager for Security and Compliance 1.9.70 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS IBM Bigfix Security Compliance Analytics
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy