This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Ibm First view 2015-02-01
Product Tivoli Monitoring Last view 2020-02-13
Version Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:ibm:tivoli_monitoring

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2020-02-13 CVE-2019-4592

IBM Tivoli Monitoring Service through could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647.

7.5 2018-09-19 CVE-2017-1794

IBM Tivoli Monitoring 6.2.3 through and 6.3.0 through are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039.

9.8 2018-03-22 CVE-2017-1789

IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034.

7.5 2017-07-17 CVE-2017-1183

IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.

7.5 2017-07-17 CVE-2017-1182

IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493.

7 2017-07-17 CVE-2017-1181

IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487.

5.3 2017-06-27 CVE-2016-6083

IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696.

4.6 2017-03-08 CVE-2016-5933

IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223.

8.5 2015-02-01 CVE-2014-6141

IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to modify in-progress commands.

CWE : Common Weakness Enumeration

14% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
14% (1) CWE-319 Cleartext Transmission of Sensitive Information
14% (1) CWE-264 Permissions, Privileges, and Access Controls
14% (1) CWE-254 Security Features
14% (1) CWE-200 Information Exposure
14% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
14% (1) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...

Nessus® Vulnerability Scanner

id Description
2017-06-30 Name: An application installed on the Windows host is affected by an information di...
File: ibm_tms_config_soap_is_secure.nasl - Type: ACT_GATHER_INFO