Bigfix Security Compliance Analytics
Sign in to watchby IBM
CVEs (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-1197 | Cri | 0.64 | 9.8 | 0.00 | Jun 15, 2017 | IBM BigFix Compliance (TEMA SUAv1 SCA SCM) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 123672. | |
| CVE-2017-1196 | Cri | 0.64 | 9.8 | 0.00 | Jun 7, 2017 | IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123671. | |
| CVE-2017-1201 | Hig | 0.51 | 7.8 | 0.00 | Oct 5, 2017 | IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. IBM X-Force ID: 123676. | |
| CVE-2017-1178 | Med | 0.40 | 6.1 | 0.00 | Jun 7, 2017 | IBM Endpoint Manager for Security and Compliance 1.9.70 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123430. | |
| CVE-2017-1179 | Med | 0.38 | 5.9 | 0.00 | Jun 8, 2017 | IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 123431. |