Skip to main content

Tivoli Netcool Impact

11 CVEs product

Monthly

CVE-2021-29794 HIGH PATCH This Week

IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which enables weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Tivoli Netcool Impact
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2020-4849 MEDIUM This Month

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Open Redirect Tivoli Netcool Impact
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-4239 MEDIUM PATCH This Month

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Tivoli Netcool Impact
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2020-4238 HIGH PATCH This Week

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

IBM CSRF Tivoli Netcool Impact
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-4237 HIGH PATCH This Week

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

IBM CSRF Tivoli Netcool Impact
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-4236 MEDIUM PATCH This Month

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service IBM Tivoli Netcool Impact
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2020-4235 MEDIUM PATCH This Month

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Tivoli Netcool Impact
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-4570 MEDIUM This Month

IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Tivoli Netcool Impact
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2019-4569 MEDIUM This Month

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Tivoli Netcool Impact
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2019-4103 HIGH PATCH This Week

IBM Tivoli Netcool/Impact 7.1.0 allows for remote execution of command by low privileged User. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity.

IBM RCE Tivoli Netcool Impact
NVD
CVSS 3.1
8.0
EPSS
1.5%
CVE-2014-6161 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool/Impact 6.1.1 before 6.1.1.1-TIV-NCI-IF0001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Tivoli Netcool Impact
NVD
CVSS 2.0
3.5
EPSS
0.2%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which enables weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Tivoli Netcool Impact
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Open Redirect Tivoli Netcool Impact
NVD
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Tivoli Netcool Impact
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

IBM CSRF Tivoli Netcool Impact
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

IBM CSRF Tivoli Netcool Impact
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service IBM Tivoli Netcool Impact
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Tivoli Netcool Impact
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error message that includes sensitive information about its environment, users, or associated data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Tivoli Netcool Impact
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Tivoli Netcool Impact
NVD
EPSS 1% CVSS 8.0
HIGH PATCH This Week

IBM Tivoli Netcool/Impact 7.1.0 allows for remote execution of command by low privileged User. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity.

IBM RCE Tivoli Netcool Impact
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool/Impact 6.1.1 before 6.1.1.1-TIV-NCI-IF0001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Tivoli Netcool Impact
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy