Filtered by vendor Ibm Subscriptions
Filtered by product Jazz For Service Management Subscriptions
Total 26 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-46186 1 Ibm 1 Jazz For Service Management 2024-11-21 5.3 Medium
IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive file information using forced browsing due to improper access controls. IBM X-Force ID: 269929.
CVE-2022-35722 1 Ibm 1 Jazz For Service Management 2024-11-21 5.4 Medium
IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 231381.
CVE-2022-35721 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Jazz for Service Management 1.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 231380.
CVE-2021-38877 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208405.
CVE-2021-29905 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207616.
CVE-2021-29904 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.5 Medium
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 207610.
CVE-2021-29833 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204825.
CVE-2021-29832 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204824.
CVE-2021-29831 1 Ibm 2 Jazz For Service Management, Tivoli Netcool\/omnibus Gui 2024-11-21 8.1 High
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 204775.
CVE-2021-29816 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 6.5 Medium
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204341.
CVE-2021-29815 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204340.
CVE-2021-29814 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204334.
CVE-2021-29813 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204331.
CVE-2021-29812 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204330.
CVE-2021-29810 3 Ibm, Linux, Microsoft 4 Aix, Jazz For Service Management, Linux Kernel and 1 more 2024-11-21 5.4 Medium
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204279.
CVE-2021-29800 1 Ibm 2 Jazz For Service Management, Tivoli Netcool\/omnibus Webgui 2024-11-21 5.4 Medium
IBM Tivoli Netcool/OMNIbus_GUI and IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2019-4718 1 Ibm 1 Jazz For Service Management 2024-11-21 5.4 Medium
IBM Jazz for Service Management 3.13 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 172123.
CVE-2019-4275 1 Ibm 1 Jazz For Service Management 2024-11-21 5.5 Medium
IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow an unauthorized local user to create unique catalog names that could cause a denial of service. IBM X-Force ID: 160296.
CVE-2019-4201 1 Ibm 1 Jazz For Service Management 2024-11-21 6.1 Medium
IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 159122.
CVE-2019-4194 1 Ibm 1 Jazz For Service Management 2024-11-21 4.3 Medium
IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 is missing function level access control that could allow a user to delete authorized resources. IBM X-Force ID: 159033.