Ibm: >> Bluemix Security Vulnerabilities
The IBM Watson Developer Cloud services on Bluemix platforms do not properly generate random numbers for service-instance credentials, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
CVSS Score
9.8
EPSS Score
0.009
Published
2016-07-02
The Auto-Scaling agent in Liberty for Java in IBM Bluemix before 2.7-20160321-1358 allows remote authenticated users to disable X.509 certificate validation, and consequently bypass an intended HTTPS trust-management feature, via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.001
Published
2016-05-17
The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1122 for Java does not properly support WAR applications, which allows remote attackers to obtain sensitive information via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.002
Published
2015-03-18