Ibm: >> Bigfix Security Compliance Analytics Security Vulnerabilities
IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. IBM X-Force ID: 123676.
CVSS Score
7.8
EPSS Score
0.0
Published
2017-10-05
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 123672.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-06-15
IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431.
CVSS Score
5.9
EPSS Score
0.001
Published
2017-06-08
IBM Endpoint Manager for Security and Compliance 1.9.70 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123430.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-06-07
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123671.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-06-07