The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Tivoli System Automation

WebSphere AS: information disclosure via Admin Console Cipher Suites
An attacker can bypass access restrictions to data via Admin Console Cipher Suites of IBM WebSphere AS, in order to obtain sensitive information...
2006810, 2008123, 2008368, 7048591, CVE-2017-1501, VIGILANCE-VUL-23532
WebSphere AS: read-write access
An attacker can bypass access restrictions of WebSphere AS, in order to read or alter data...
2004785, 2006348, 2006516, 2009026, 2009072, 2009082, 2009087, 2009089, 2009090, 7036319, 7048591, CVE-2017-1382, VIGILANCE-VUL-23310
WebSphere AS: Cross Site Scripting via Admin Console
An attacker can trigger a Cross Site Scripting via Admin Console of WebSphere AS, in order to run JavaScript code in the context of the web site...
2004786, 2006342, 2006515, 2009072, 2009082, 2009087, 2009089, 2009090, 2009348, 7036319, 7048591, CVE-2017-1380, VIGILANCE-VUL-23309
Oracle Java: vulnerabilities of July 2017
Several vulnerabilities were announced in Oracle Java...
2007002, 2008025, 2008360, 2008362, 2008757, 2009206, 2009232, 2009253, 2009415, 2009663, 2011594, 2012301, CERTFR-2017-AVI-223, cpujul2017, CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10086, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10104, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10114, CVE-2017-10115, CVE-2017-10116, CVE-2017-10117, CVE-2017-10118, CVE-2017-10121, CVE-2017-10125, CVE-2017-10135, CVE-2017-10145, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243, DLA-1073-1, DSA-3919-1, DSA-3954-1, DSA-4005-1, FEDORA-2017-605557de96, FEDORA-2017-721314e3b3, FEDORA-2017-735e2ae663, FEDORA-2017-be3df4fe14, FEDORA-2017-fe57cf60c3, ibm10718843, JSA10873, NTAP-20170720-0001, openSUSE-SU-2017:2211-1, openSUSE-SU-2018:0042-1, RHSA-2017:1789-01, RHSA-2017:1790-01, RHSA-2017:1791-01, RHSA-2017:1792-01, RHSA-2017:2424-01, RHSA-2017:2469-01, RHSA-2017:2481-01, RHSA-2017:2530-01, SB10208, SUSE-SU-2017:2175-1, SUSE-SU-2017:2263-1, SUSE-SU-2017:2280-1, SUSE-SU-2017:2281-1, SUSE-SU-2018:0005-1, USN-3366-1, USN-3366-2, USN-3396-1, VIGILANCE-VUL-23289
WebSphere AS: information disclosure via Proxy Server / ODR
An attacker can bypass access restrictions to data via Proxy Server / ODR of WebSphere Application Server, in order to obtain sensitive information...
2004792, 2006343, 2006905, 2009023, 2009072, 2009082, 2009087, 2009089, 2009090, 2009348, 7048591, CVE-2017-1381, VIGILANCE-VUL-23275
IBM JDK: external XML entity injection
An attacker can transmit malicious XML data to IBM JDK, in order to read a file, scan sites, or trigger a denial of service...
2005058, 2005160, 2005255, 2007242, CVE-2017-1289, RHSA-2017:1220-01, RHSA-2017:1221-01, RHSA-2017:1222-01, SUSE-SU-2017:1384-1, SUSE-SU-2017:1386-1, SUSE-SU-2017:1387-1, SUSE-SU-2017:1444-1, VIGILANCE-VUL-22701
IBM WebSphere AS: Cross Site Request Forgery via OAuth Service Provider
An attacker can trigger a Cross Site Request Forgery via OAuth Service Provider of WebSphere Application Server, in order to force the victim to perform operations...
2001226, 2002678, 2006850, 2009072, 2009082, 2009087, 2009089, 2009090, 7036319, CVE-2017-1194, VIGILANCE-VUL-22574
Oracle Java: vulnerabilities of April 2017
An attacker can use several vulnerabilities of Oracle Java...
2003016, 2003566, 2004451, 2005052, 2005123, 2005160, 2005255, 2007242, 2007464, 2008210, 500160, BSA-2017-323, BSA-2017-325, BSA-2017-326, BSA-2017-327, BSA-2017-328, BSA-2017-330, BSA-2017-331, CERTFR-2017-AVI-119, cpuapr2017, CVE-2017-3509, CVE-2017-3511, CVE-2017-3512, CVE-2017-3514, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544, DLA-954-1, DSA-3858-1, ESA-2017-058, FEDORA-2017-25358a23ad, FEDORA-2017-9b18f02810, FEDORA-2017-9fbcf033f8, FEDORA-2017-a6a053fc05, NTAP-20170420-0001, openSUSE-SU-2017:1429-1, openSUSE-SU-2017:1507-1, RHSA-2017:1108-01, RHSA-2017:1109-01, RHSA-2017:1117-01, RHSA-2017:1118-01, RHSA-2017:1119-01, RHSA-2017:1204-01, RHSA-2017:1220-01, RHSA-2017:1221-01, RHSA-2017:1222-01, SB10200, SUSE-SU-2017:1384-1, SUSE-SU-2017:1386-1, SUSE-SU-2017:1387-1, SUSE-SU-2017:1400-1, SUSE-SU-2017:1444-1, SUSE-SU-2017:1445-1, USN-3275-1, USN-3275-2, USN-3275-3, VIGILANCE-VUL-22488
IBM WebSphere Application Server: privilege escalation via OpenID Connect
An attacker can bypass restrictions via OpenID Connect of IBM WebSphere Application Server, in order to escalate his privileges...
1999293, 2000729, 2000730, 2001511, 7036319, CVE-2017-1151, VIGILANCE-VUL-22087
WebSphere AS: Cross Site Scripting via Admin Console
An attacker can trigger a Cross Site Scripting of WebSphere AS, in order to run JavaScript code in the context of the web site...
1997743, 1999058, 1999634, 2000813, 2009072, 2009082, 2009087, 2009089, 2009090, 7014463, 7036319, CVE-2017-1121, VIGILANCE-VUL-21796
Our database contains other pages. You can request a free trial to read them.

Display information about Tivoli System Automation: