Ibm Bigfix Remote Control — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Bigfix Remote Control, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (23)
CVE-2016-2944 — CVSS 9.8 (critical): IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes it easier for remote attackers to…
CVE-2016-2963 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to hijack the…
CVE-2016-2929 — CVSS 8.1 (high): IBM BigFix Remote Control before 9.1.3 does not properly restrict password choices, which makes it easier for remote attackers to obtain…
CVE-2016-2948 — CVSS 7.8 (high): IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors.
CVE-2016-2930 — CVSS 7.5 (high): IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an administrator without authentication. IBM…
CVE-2016-2936 — CVSS 7.3 (high): IBM BigFix Remote Control before 9.1.3 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive…
CVE-2016-2933 — CVSS 6.8 (medium): Directory traversal vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated administrators to read arbitrary…
CVE-2017-1233 — CVSS 6.7 (medium): IBM Remote Control v9 could allow a local user to use the component to replace files to which he does not have write access and which he…
CVE-2016-2950 — CVSS 6.5 (medium): SQL injection vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to execute arbitrary SQL commands…
CVE-2016-2937 — CVSS 6.5 (medium): IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive information or spoof e-mail transmission via a crafted…
CVE-2016-2934 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to inject arbitrary web script…
CVE-2016-2927 — CVSS 5.9 (medium): IBM BigFix Remote Control before 9.1.3 does not properly restrict the set of available encryption algorithms, which makes it easier for…
CVE-2015-4954 — CVSS 5.9 (medium): IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 improperly allows self-signed certificates, which might allow…
CVE-2016-2932 — CVSS 5.3 (medium): IBM BigFix Remote Control before 9.1.3 allows remote attackers to conduct XML injection attacks via unspecified vectors.
CVE-2016-2940 — CVSS 5.3 (medium): Multiple unspecified vulnerabilities in IBM BigFix Remote Control before 9.1.3 allow remote attackers to obtain sensitive information via…
CVE-2016-2931 — CVSS 5.3 (medium): IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive cleartext information by sniffing the network.
CVE-2016-2935 — CVSS 5.3 (medium): The broker application in IBM BigFix Remote Control before 9.1.3 allows remote attackers to cause a denial of service via an invalid HTTP…
CVE-2015-4953 — CVSS 4.8 (medium): IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 makes it easier for man-in-the-middle attackers to decrypt…
CVE-2016-2928 — CVSS 4.3 (medium): IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to obtain sensitive information by reading error logs.
CVE-2016-2951 — CVSS 3.7 (low): IBM BigFix Remote Control before 9.1.3 does not properly set the default encryption strength, which makes it easier for remote attackers to…
CVE-2016-2952 — CVSS 3.7 (low): IBM BigFix Remote Control before 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote attackers to obtain…
CVE-2016-2949 — CVSS 3.3 (low): IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by reading cached web pages from a different…
CVE-2016-2943 — CVSS 1.9 (low): IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a…