VYPR

Bigfix

by IBM

CVEs (3)

  • CVE-2017-1221CriNov 13, 2017
    risk 0.64cvss 9.8epss 0.02

    IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 123861.

  • CVE-2017-1229MedNov 13, 2017
    risk 0.38cvss 5.9epss 0.01

    IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in…

  • CVE-2016-0292MedAug 30, 2016
    risk 0.36cvss 5.5epss 0.00

    WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows local users to discover the cleartext system password by reading a report.