IBM : Security Vulnerabilities, CVEs, Published In 2008 (Information Leak) CVSS score >= 5
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 allows attackers to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of CVE-2009-0434.
Max CVSS
5.0
EPSS Score
0.18%
Published
2008-12-10
Updated
2011-08-23
IBM Lotus Connections 2.x before 2.0.1 allows attackers to discover passwords via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
5.0
EPSS Score
0.16%
Published
2008-10-31
Updated
2017-08-08
The SORT/LIST SERVICES component in IBM DB2 9.1 before FP6 and 9.5 before FP2 writes sensitive information to the trace output, which allows attackers to obtain sensitive information by reading "PASSWORD-RELATED CONNECTION STRING KEYWORD VALUES."
Max CVSS
5.0
EPSS Score
0.27%
Published
2008-10-22
Updated
2017-08-08
The CQWeb login page in IBM Rational ClearQuest 7.0.1 allows remote attackers to obtain potentially sensitive information (page source code) via a combination of ?script? and ?/script? sequences in the id field, possibly related to a cross-site scripting (XSS) vulnerability.
Max CVSS
5.0
EPSS Score
0.28%
Published
2008-08-08
Updated
2017-08-08
IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 might allow local or remote attackers to obtain sensitive information about users by reading user cookies.
Max CVSS
5.0
EPSS Score
0.58%
Published
2008-03-11
Updated
2017-08-08
5 vulnerabilities found