IBM Connections
By the Year
In 2024 there have been 0 vulnerabilities in IBM Connections . Connections did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 1 | 5.40 |
2018 | 3 | 4.87 |
It may take a day or so for new Connections vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Connections Security Vulnerabilities
IBM Connections 6.0 is vulnerable to cross-site scripting
CVE-2019-4403
5.4 - Medium
- June 14, 2019
IBM Connections 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162264.
XSS
IBM Connections 5.0, 5.5, and 6.0 is vulnerable to possible host header injection attack
CVE-2018-1896
5.4 - Medium
- December 07, 2018
IBM Connections 5.0, 5.5, and 6.0 is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. IBM X-Force ID: 152456.
Injection
IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated user to obtain sensitive information from invalid request error messages
CVE-2018-1935
4.3 - Medium
- December 06, 2018
IBM Connections 5.0, 5.5, and 6.0 could allow an authenticated user to obtain sensitive information from invalid request error messages. IBM X-Force ID: 153315.
Information Disclosure
IBM Connections 5.0
CVE-2018-1791
4.9 - Medium
- September 14, 2018
IBM Connections 5.0, 5.5, and 6.0 is vulnerable to an External Service Interaction attack, caused by improper validation of a request property. By submitting suitable payloads, an attacker could exploit this vulnerability to induce the Connections server to attack other systems. IBM X-Force ID: 148946.
Improper Input Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Connections or by IBM? Click the Watch button to subscribe.