Tivoli Netcool\/omnibus
by IBM
CVEs (36)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-29808 | 0.00 | — | 0.01 | Sep 20, 2021 | IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials… | |||
| CVE-2021-29807 | 0.00 | — | 0.01 | Sep 20, 2021 | IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials… | |||
| CVE-2021-29806 | 0.00 | — | 0.01 | Sep 20, 2021 | IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials… | |||
| CVE-2021-29822 | 0.00 | — | 0.01 | Jul 12, 2021 | IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM… | |||
| CVE-2021-29805 | 0.00 | — | 0.01 | Jul 12, 2021 | IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.… | |||
| CVE-2021-29804 | 0.00 | — | 0.01 | Jul 12, 2021 | IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.… | |||
| CVE-2021-29803 | 0.00 | — | 0.01 | Jul 12, 2021 | IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.… | |||
| CVE-2021-20336 | 0.00 | — | 0.01 | Mar 11, 2021 | IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||
| CVE-2020-4199 | 0.00 | — | 0.00 | Mar 18, 2020 | IBM Tivoli Netcool/OMNIbus 8.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 174910. | |||
| CVE-2020-4198 | 0.00 | — | 0.01 | Mar 3, 2020 | IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM… | |||
| CVE-2020-4197 | 0.00 | — | 0.00 | Mar 3, 2020 | IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174908. | |||
| CVE-2020-4196 | 0.00 | — | 0.01 | Mar 3, 2020 | IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM… | |||
| CVE-2014-3032 | 0.00 | — | 0.01 | Jan 17, 2015 | Cross-site scripting (XSS) vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus 7.3.0 before 7.3.0.6, 7.3.1 before 7.3.1.7, and 7.4.0 before 7.4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||
| CVE-2014-0942 | 0.00 | — | 0.01 | May 1, 2014 | Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0941. | |||
| CVE-2014-0941 | 0.00 | — | 0.01 | May 1, 2014 | Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0942. | |||
| CVE-2011-1343 | 0.00 | — | 0.01 | Mar 9, 2011 | SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus before 7.3.0.4 allows remote attackers to execute arbitrary SQL commands via "dynamic SQL parameters." |
- CVE-2021-29808Sep 20, 2021risk 0.00cvss —epss 0.01
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…
- CVE-2021-29807Sep 20, 2021risk 0.00cvss —epss 0.01
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…
- CVE-2021-29806Sep 20, 2021risk 0.00cvss —epss 0.01
IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials…
- CVE-2021-29822Jul 12, 2021risk 0.00cvss —epss 0.01
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…
- CVE-2021-29805Jul 12, 2021risk 0.00cvss —epss 0.01
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.…
- CVE-2021-29804Jul 12, 2021risk 0.00cvss —epss 0.01
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.…
- CVE-2021-29803Jul 12, 2021risk 0.00cvss —epss 0.01
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.…
- CVE-2021-20336Mar 11, 2021risk 0.00cvss —epss 0.01
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
- CVE-2020-4199Mar 18, 2020risk 0.00cvss —epss 0.00
IBM Tivoli Netcool/OMNIbus 8.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 174910.
- CVE-2020-4198Mar 3, 2020risk 0.00cvss —epss 0.01
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…
- CVE-2020-4197Mar 3, 2020risk 0.00cvss —epss 0.00
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174908.
- CVE-2020-4196Mar 3, 2020risk 0.00cvss —epss 0.01
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…
- CVE-2014-3032Jan 17, 2015risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus 7.3.0 before 7.3.0.6, 7.3.1 before 7.3.1.7, and 7.4.0 before 7.4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
- CVE-2014-0942May 1, 2014risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0941.
- CVE-2014-0941May 1, 2014risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in webtop/eventviewer/eventViewer.jsp in the Web GUI in IBM Netcool/OMNIbus 7.4.0 before FP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-0942.
- CVE-2011-1343Mar 9, 2011risk 0.00cvss —epss 0.01
SQL injection vulnerability in the Web GUI in IBM Tivoli Netcool/OMNIbus before 7.3.0.4 allows remote attackers to execute arbitrary SQL commands via "dynamic SQL parameters."
Page 2 of 2