Product:

Tivoli_application_dependency_discovery_manager

(Ibm)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 21
Date Id Summary Products Score Patch Annotated
2024-02-02 CVE-2023-47142 IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267. Tivoli_application_dependency_discovery_manager 8.8
2024-02-02 CVE-2023-47143 IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 270270. Tivoli_application_dependency_discovery_manager 9.8
2024-02-02 CVE-2023-47144 IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270271. Tivoli_application_dependency_discovery_manager 6.1
2013-07-23 CVE-2013-4002 XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related... Xerces2_java, Ubuntu_linux, Host_on\-Demand, Java, Sterling_b2b_integrator, Sterling_file_gateway, Tivoli_application_dependency_discovery_manager, Opensuse, Jdk, Jre, Jrockit, Linux_enterprise_desktop, Linux_enterprise_java, Linux_enterprise_sdk, Linux_enterprise_server N/A
2019-02-04 CVE-2018-1675 IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could expose password hashes in stored in system memory on target systems that are configured to use TADDM. IBM X-Force ID: 145110. Tivoli_application_dependency_discovery_manager 7.5
2018-08-15 CVE-2018-1455 IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 11029. Tivoli_application_dependency_discovery_manager 8.8
2017-04-14 CVE-2016-8927 IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 118540. Tivoli_application_dependency_discovery_manager 5.4
2017-04-14 CVE-2016-8926 IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to read system files or data that is restricted to authorized users. IBM X-Force ID: 118539. Tivoli_application_dependency_discovery_manager 4.3
2017-04-14 CVE-2016-8925 IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could allow a remote attacker to include arbitrary files which could allow the attacker to read any file on the system. IBM X-Force ID: 118538. Tivoli_application_dependency_discovery_manager 6.5
2014-10-31 CVE-2014-6150 Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Tivoli_application_dependency_discovery_manager N/A