Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Intelligent_operations_center
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 11 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-07-28 | CVE-2020-4317 | IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 177355. | Intelligent_operations_center, Intelligent_operations_center_for_emergency_management, Water_operations_for_waternamics | 5.4 | ||
| 2020-07-28 | CVE-2020-4318 | IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 177356. | Intelligent_operations_center, Intelligent_operations_center_for_emergency_management, Water_operations_for_waternamics | 5.4 | ||
| 2019-06-07 | CVE-2019-4067 | IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 157012. | Intelligent_operations_center, Intelligent_operations_center_for_emergency_management, Water_operations_for_waternamics | 7.5 | ||
| 2019-06-07 | CVE-2019-4070 | IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157015. | Intelligent_operations_center, Intelligent_operations_center_for_emergency_management, Water_operations_for_waternamics | 5.4 | ||
| 2019-08-20 | CVE-2019-4419 | IBM Intelligent Operations Center V5.1.0 through V5.2.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 162737. | Intelligent_operations_center, Intelligent_operations_center_for_emergency_management, Water_operations_for_waternamics | 8.2 | ||
| 2019-08-20 | CVE-2019-4420 | IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose detailed error messages, revealing sensitive information that could aid in further attacks against the system. IBM X-Force ID: 162738. | Intelligent_operations_center, Intelligent_operations_center_for_emergency_management, Water_operations_for_waternamics | 6.2 | ||
| 2019-06-07 | CVE-2019-4068 | IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnerable to user enumeration, allowing an attacker to brute force into the system. IBM X-Force ID: 157013. | Intelligent_operations_center, Intelligent_operations_center_for_emergency_management, Water_operations_for_waternamics | 7.5 | ||
| 2019-06-07 | CVE-2019-4069 | IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not properly validate file types, allowing an attacker to upload malicious content. IBM X-Force ID: 157014. | Intelligent_operations_center, Intelligent_operations_center_for_emergency_management, Water_operations_for_waternamics | 8.8 | ||
| 2019-09-05 | CVE-2019-4321 | IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Operations Center for Emergency Management V5.1.0 - V5.1.0.6, and IBM Water Operations for Waternamics V5.1.0 - V5.2.1.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 161201. | Intelligent_operations_center, Intelligent_operations_center_for_emergency_management, Water_operations_for_waternamics | 7.5 | ||
| 2019-06-07 | CVE-2019-4066 | IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 could allow an authenciated user to create arbitrary users which could cause ID management issues and result in code execution. IBM X-Force ID: 157011. | Intelligent_operations_center, Intelligent_operations_center_for_emergency_management, Water_operations_for_waternamics | 8.8 |