Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Tivoli Application Dependency Discovery Manager  >> 7.2.0.0  Security Vulnerabilities
CVE-2013-3017
IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. IBM X-Force ID: 84353.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-07-09
CVE-2013-3018
The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM X-Force ID: 84354.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-05-24
CVE-2013-3023
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. IBM X-Force ID: 84361.
CVSS Score
8.1
EPSS Score
0.003
Published
2018-05-24
CVE-2013-4040
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-05-01
CVE-2014-6148
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL.
CVSS Score
3.5
EPSS Score
0.002
Published
2014-10-31
CVE-2012-5770
The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic via a brute-force attack.
CVSS Score
5.8
EPSS Score
0.003
Published
2013-03-06
CVE-2012-5939
Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
3.5
EPSS Score
0.002
Published
2013-03-06
CVE-2012-5942
Cross-site scripting (XSS) vulnerability in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors.
CVSS Score
3.5
EPSS Score
0.002
Published
2013-03-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved