IBM : Security Vulnerabilities, CVEs, Published In October 2014 (Gain Privilege)
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0 through 7.2.1.6, and 7.2.2.0 through 7.2.2.2 does not require TADDM authentication for rptdesign downloads, which allows remote authenticated users to obtain sensitive database information via a crafted URL.
Max CVSS
3.5
EPSS Score
0.14%
Published
2014-10-31
Updated
2017-09-08
The Telemetry Component in WebSphere MQ 8.0.0.1 before p000-001-L140910 allows remote attackers to bypass authentication by setting the JAASConfig property in an MQTT client configuration.
Max CVSS
4.3
EPSS Score
0.27%
Published
2014-10-19
Updated
2017-09-08
2 vulnerabilities found