Ibm: >> Bigfix Platform Security Vulnerabilities
IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) could allow a remote attacker to obtain sensitive information due to a missing HTTP Strict-Transport-Security Header through man in the middle techniques.
CVSS Score
3.7
EPSS Score
0.002
Published
2017-02-01
IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected.
CVSS Score
8.1
EPSS Score
0.005
Published
2017-02-01
Cross-site scripting (XSS) vulnerability in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.1.8 and 9.2.x before 9.2.8 allows remote attackers to inject arbitrary web script or HTML via a modified .beswrpt file.
CVSS Score
6.1
EPSS Score
0.002
Published
2016-09-01
Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x before 9.1.8 and 9.2.x before 9.2.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
5.4
EPSS Score
0.002
Published
2016-07-15
Page 5