) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:ibm:tivoli_endpoint_manager:8.1
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2014-6137 |
Cross-site scripting (XSS) vulnerability in the Relay Diagnostic page in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: February 15, 2015; 7:59:04 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2014-6113 |
Cross-site scripting (XSS) vulnerability in the Web Reports component in IBM Tivoli Endpoint Manager 9.1 before 9.1.1229 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: February 15, 2015; 7:59:01 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2013-0453 |
Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli Endpoint Manager (TEM) before 8.2.1372 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Published: March 21, 2013; 4:55:01 PM -0400 |
V3.x:(not available) V2.0: 3.5 LOW |
| CVE-2012-1837 |
The (1) webreports, (2) post/create-role, and (3) post/update-role programs in IBM Tivoli Endpoint Manager (TEM) before 8.2 do not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. Published: March 21, 2012; 11:28:04 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2012-0719 |
Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint Manager (TEM) 8 before 8.2 patch 3 allows remote attackers to inject arbitrary web script or HTML via the ScheduleParam parameter to the webreports program. Published: March 21, 2012; 11:28:04 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |