VYPR

Tivoli Provisioning Manager

by IBM

CVEs (4)

  • CVE-2025-7766HigJul 22, 2025
    risk 0.55cvss 8.0epss 0.02

    Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed.

  • CVE-2008-5686Dec 19, 2008
    risk 0.00cvss epss 0.02

    IBM Tivoli Provisioning Manager (TPM) before 5.1.1.1 IF0006, when its LDAP service is shared with other applications, does not require that an LDAP user be listed in the TPM user records, which allows remote authenticated users to execute SOAP commands that access arbitrary TPM…

  • CVE-2007-6408Dec 17, 2007
    risk 0.00cvss epss 0.01

    IBM Tivoli Provisioning Manager Express provides unspecified information in error messages when (1) attempted duplication of a username occurs when creating an account or (2) when trying to login using a valid username, which makes it easier for remote attackers to enumerate…

  • CVE-2007-6407Dec 17, 2007
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Provisioning Manager Express allow remote attackers to inject arbitrary web script or HTML via the (1) "assess modification," (2) user-id, and other unspecified fields to the /tpmx URI; or (3) involving…