VYPR

Tivoli Monitoring

by IBM

CVEs (35)

  • CVE-2025-3355Oct 30, 2025
    risk 0.00cvss epss 0.00

    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

  • CVE-2025-3354Aug 6, 2025
    risk 0.00cvss epss 0.00

    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.

  • CVE-2025-3320Aug 6, 2025
    risk 0.00cvss epss 0.00

    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.

  • CVE-2025-3357May 28, 2025
    risk 0.00cvss epss 0.01

    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array.

  • CVE-2020-4311Apr 23, 2020
    risk 0.00cvss epss 0.00

    IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM…

  • CVE-2019-4592Feb 13, 2020
    risk 0.00cvss epss 0.01

    IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647.

  • CVE-2019-4131Jul 11, 2019
    risk 0.00cvss epss 0.02

    IBM Application Performance Management (IBM Monitoring 8.1.4) could allow a remote attacker to induce the application to perform server-side DNS lookups of arbitrary domain names. IBM X-Force ID: 158270.

  • CVE-2014-6141Feb 2, 2015
    risk 0.00cvss epss 0.02

    IBM Tivoli Monitoring (ITM) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, 6.2.3 through FP05, and 6.3.0 before FP04 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging Take Action view authority to…

  • CVE-2013-2961Jun 21, 2013
    risk 0.00cvss epss 0.02

    The internal web server in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1…

  • CVE-2013-2960Jun 21, 2013
    risk 0.00cvss epss 0.03

    Buffer overflow in KDSMAIN in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1…

  • CVE-2013-0551Jun 21, 2013
    risk 0.00cvss epss 0.02

    The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before…

  • CVE-2013-0548Jun 21, 2013
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations…

  • CVE-2013-0576May 28, 2013
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise Portal browser client in IBM Tivoli Monitoring 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP02 allows remote attackers to inject arbitrary web script or HTML via unspecified…

  • CVE-2012-4820Jan 11, 2013
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart…

  • CVE-2012-3297Dec 8, 2012
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM Tivoli Monitoring 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.

Page 2 of 2