Ibm Infosphere Biginsights — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Infosphere Biginsights, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2015-1947 — CVSS 7.4 (high): Untrusted search path vulnerability in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0, when a DB2 database is used, allows local…
CVE-2015-1836 — CVSS 7.3 (high): Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and…
CVE-2015-1772 — CVSS 7.3 (high): The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3.0…
CVE-2014-4782 — CVSS 6.5 (medium): IBM InfoSphere BigInsights 2.1.2 allows remote authenticated users to discover SMTP server credentials via vectors related to the Alert…
CVE-2015-1889 — CVSS 6.5 (medium): The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote authenticated users to bypass intended HDFS…
CVE-2013-3992 — CVSS 6.0 (medium): Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere BigInsights 2.0 through 2.1 allows remote authenticated users to hijack…
CVE-2017-1552 — CVSS 5.4 (medium): IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL…
CVE-2017-1554 — CVSS 5.4 (medium): IBM Infosphere BigInsights 4.2.0 and 4.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a…
CVE-2017-1553 — CVSS 5.4 (medium): IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2014-4781 — CVSS 5.0 (medium): The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3.0.0.2 allows remote attackers to obtain sensitive Alert…
CVE-2013-3996 — CVSS 4.9 (medium): IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to…
CVE-2013-3997 — CVSS 4.9 (medium): Open redirect vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights 1.1 and 2.x before 2.1 FP2 allows…
CVE-2017-1336 — CVSS 4.4 (medium): IBM Infosphere BigInsights 4.2.0 could allow an attacker to inject code that could allow access to restricted data and files. IBM X-Force…
CVE-2015-5020 — CVSS 4.3 (medium): The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0 allows remote authenticated users to bypass intended…
CVE-2013-3995 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights 1.1 through 2.1 allows remote authenticated users to inject…
CVE-2013-3998 — CVSS 3.5 (low): CRLF injection vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights 1.1 and 2.x before 2.1 FP2 allows…
CVE-2014-0905 — CVSS 2.9 (low): IBM InfoSphere BigInsights 2.0 through 2.1.2 does not set the secure flag for the LTPA cookie in an https session, which makes it easier…