Skip to main content

Tivoli Application Dependency Discovery Manager

14 CVEs product

Monthly

CVE-2025-23227 MEDIUM This Month

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Tivoli Application Dependency Discovery Manager
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2018-1455 HIGH This Week

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF IBM Tivoli Application Dependency Discovery Manager
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2016-8927 MEDIUM PATCH This Month

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Tivoli Application Dependency Discovery Manager
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-8926 MEDIUM PATCH This Month

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Tivoli Application Dependency Discovery Manager
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2016-8925 MEDIUM PATCH This Month

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Tivoli Application Dependency Discovery Manager
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2014-6150 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-6148 LOW PATCH Monitor

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

IBM Authentication Bypass Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-6149 MEDIUM This Month

Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal IBM Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-3004 LOW Monitor

Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal IBM Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
3.5
EPSS
0.1%
CVE-2013-2974 HIGH This Week

The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SQLi IBM Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
7.5
EPSS
0.2%
CVE-2013-4002 Maven HIGH PATCH This Week

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Java Denial Of Service Apache Oracle IBM +14
NVD
CVSS 2.0
7.1
EPSS
5.6%
CVE-2012-5942 LOW Monitor

Cross-site scripting (XSS) vulnerability in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2012-5939 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2012-5770 MEDIUM PATCH This Month

The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Information Disclosure IBM Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
5.8
EPSS
0.3%
EPSS 0% CVSS 6.4
MEDIUM This Month

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Tivoli Application Dependency Discovery Manager
NVD
EPSS 1% CVSS 8.8
HIGH This Week

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF IBM Tivoli Application Dependency Discovery Manager
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Tivoli Application Dependency Discovery Manager
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Tivoli Application Dependency Discovery Manager
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Tivoli Application Dependency Discovery Manager
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Tivoli Application Dependency Discovery Manager
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

IBM Authentication Bypass Tivoli Application Dependency Discovery Manager
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Directory traversal vulnerability in BIRT-viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal IBM Tivoli Application Dependency Discovery Manager
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.x and 7.2.x before 7.2.1.5 allows remote authenticated users to read. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal IBM Tivoli Application Dependency Discovery Manager
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1.5 allows remote authenticated users to bypass authorization checks and obtain report-administration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SQLi IBM +1
NVD
EPSS 6% CVSS 7.1
HIGH PATCH This Week

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Java Denial Of Service Apache +16
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Tivoli Application Dependency Discovery Manager
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Tivoli Application Dependency Discovery Manager
NVD
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Information Disclosure IBM Tivoli Application Dependency Discovery Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy