Show filters
12 Total Results
Displaying 1-10 of 12
Sort by:
Attacker Value
Unknown

CVE-2020-4150

Disclosure Date: July 10, 2022 (last updated February 24, 2025)
IBM SiteProtector Appliance 3.1.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 174142.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-4138

Disclosure Date: July 10, 2022 (last updated October 07, 2023)
IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174049.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-4140

Disclosure Date: November 10, 2021 (last updated February 23, 2025)
IBM Security SiteProtector System 3.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174052.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-4146

Disclosure Date: November 10, 2021 (last updated February 23, 2025)
IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag. A remote attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 174129.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2015-0172

Disclosure Date: April 10, 2018 (last updated November 26, 2024)
IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote attackers to bypass intended security restrictions and consequently execute unspecified commands and obtain sensitive information via unknown vectors. IBM X-Force ID: 100927.
0
0
Attacker Value
Unknown

CVE-2015-0162

Disclosure Date: September 20, 2017 (last updated November 26, 2024)
IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges.
0
0
Attacker Value
Unknown

CVE-2015-0160

Disclosure Date: May 25, 2015 (last updated October 05, 2023)
IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to execute arbitrary commands with SYSTEM privileges via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2015-0169

Disclosure Date: May 25, 2015 (last updated October 05, 2023)
IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to inject arguments via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2015-0161

Disclosure Date: May 25, 2015 (last updated October 05, 2023)
SQL injection vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2015-0171

Disclosure Date: May 25, 2015 (last updated October 05, 2023)
Directory traversal vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to write to arbitrary files via unspecified vectors.
0
0
View More Topics  Next >