This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Ibm First view 2017-03-08
Product Tivoli Monitoring Last view 2020-02-13
Version 6.3.0.5 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:ibm:tivoli_monitoring

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2020-02-13 CVE-2019-4592

IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647.

7.5 2018-09-19 CVE-2017-1794

IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039.

9.8 2018-03-22 CVE-2017-1789

IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034.

5.3 2017-06-27 CVE-2016-6083

IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696.

4.6 2017-03-08 CVE-2016-5933

IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223.

CWE : Common Weakness Enumeration

%idName
25% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
25% (1) CWE-254 Security Features
25% (1) CWE-200 Information Exposure
25% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')

Nessus® Vulnerability Scanner

id Description
2017-06-30 Name: An application installed on the Windows host is affected by an information di...
File: ibm_tms_config_soap_is_secure.nasl - Type: ACT_GATHER_INFO