Ibm Security Siteprotector System — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Security Siteprotector System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2020-4150 — CVSS 9.8 (critical): IBM SiteProtector Appliance 3.1.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own…
CVE-2015-0160 — CVSS 9.0 (critical): IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to…
CVE-2015-0172 — CVSS 7.5 (high): IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote attackers to bypass intended security restrictions and consequently…
CVE-2015-0162 — CVSS 7.0 (high): IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges.
CVE-2015-0161 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows…
CVE-2015-0171 — CVSS 5.5 (medium): Directory traversal vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2…
CVE-2020-4138 — CVSS 5.5 (medium): IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID…
CVE-2020-4140 — CVSS 5.4 (medium): IBM Security SiteProtector System 3.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2020-4146 — CVSS 5.3 (medium): IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive information, caused by missing 'HttpOnly' flag. A…
CVE-2015-0169 — CVSS 4.0 (medium): IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to…
CVE-2015-0168 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before…
CVE-2015-0170 — CVSS 2.1 (low): IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows local users to obtain sensitive…