Skip to main content

Security Directory Server

10 CVEs product

Monthly

CVE-2024-28772 MEDIUM This Month

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Security Directory Integrator Security Directory Server Security Verify Access
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2019-4549 MEDIUM PATCH This Month

IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Security Directory Server
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2019-4542 MEDIUM PATCH This Month

IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Security Directory Server
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2019-4539 HIGH PATCH This Week

IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Security Directory Server
NVD
CVSS 3.1
7.1
EPSS
1.2%
CVE-2019-4538 HIGH PATCH This Week

IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Open Redirect Security Directory Server
NVD
CVSS 3.1
8.2
EPSS
1.3%
CVE-2019-4520 HIGH PATCH This Week

IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Security Directory Server
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2015-1976 MEDIUM PATCH This Month

IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Authentication Bypass Security Directory Server Tivoli Directory Server
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2015-1977 HIGH This Week

Directory traversal vulnerability in the Web Administration tool in IBM Tivoli Directory Server (ITDS) before 6.1.0.74-ISS-ISDS-IF0074, 6.2.x before 6.2.0.50-ISS-ISDS-IF0050, and 6.3.x before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Path Traversal Information Disclosure Tivoli Directory Server Security Directory Server
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2014-6100 LOW Monitor

Cross-site scripting (XSS) vulnerability in the Admin UI in IBM Tivoli Directory Server 6.1 before 6.1.0.64-ISS-ITDS-IF0064, 6.2 before 6.2.0.39-ISS-ITDS-FP0039, and 6.3 before. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Security Directory Server Tivoli Directory Server
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-6747 HIGH This Week

IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM Security Directory Server (ISDS) and Tivoli Directory Server (TDS), allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service IBM Global Security Kit Security Directory Server Tivoli Directory Server
NVD
CVSS 2.0
7.1
EPSS
2.8%
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Security Directory Integrator +2
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Security Directory Server
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

IBM Security Directory Server 6.4.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Security Directory Server
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing attackers to modify the syntax, content, or commands of the XML before it is processed. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Security Directory Server
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Open Redirect Security Directory Server
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Security Directory Server
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Authentication Bypass Security Directory Server +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Directory traversal vulnerability in the Web Administration tool in IBM Tivoli Directory Server (ITDS) before 6.1.0.74-ISS-ISDS-IF0074, 6.2.x before 6.2.0.50-ISS-ISDS-IF0050, and 6.3.x before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Path Traversal Information Disclosure +2
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in the Admin UI in IBM Tivoli Directory Server 6.1 before 6.1.0.64-ISS-ITDS-IF0064, 6.2 before 6.2.0.39-ISS-ITDS-FP0039, and 6.3 before. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Security Directory Server +1
NVD
EPSS 3% CVSS 7.1
HIGH This Week

IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM Security Directory Server (ISDS) and Tivoli Directory Server (TDS), allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service IBM Global Security Kit +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy