IBM » Tivoli Endpoint Manager : Security Vulnerabilities, CVEs, Published In 2012
Unspecified vulnerability in Tivoli Endpoint Manager for Remote Control Broker 8.2 before 8.2.1-TIV-TEMRC821-IF0002 allows remote attackers to cause a denial of service (resource consumption) via unknown vectors.
Max CVSS
5.0
EPSS Score
0.62%
Published
2012-11-29
Updated
2017-08-29
The (1) webreports, (2) post/create-role, and (3) post/update-role programs in IBM Tivoli Endpoint Manager (TEM) before 8.2 do not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
Max CVSS
5.0
EPSS Score
0.31%
Published
2012-03-22
Updated
2018-01-10
Cross-site scripting (XSS) vulnerability in IBM Tivoli Endpoint Manager (TEM) 8 before 8.2 patch 3 allows remote attackers to inject arbitrary web script or HTML via the ScheduleParam parameter to the webreports program.
Max CVSS
4.3
EPSS Score
2.82%
Published
2012-03-22
Updated
2017-08-29
3 vulnerabilities found