IBM Tivoli Application Dependency Discovery Manager
By the Year
In 2024 there have been 3 vulnerabilities in IBM Tivoli Application Dependency Discovery Manager with an average score of 8.2 out of ten. Tivoli Application Dependency Discovery Manager did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2024 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 3 | 8.23 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 1 | 7.50 |
| 2018 | 1 | 8.80 |
It may take a day or so for new Tivoli Application Dependency Discovery Manager vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent IBM Tivoli Application Dependency Discovery Manager Security Vulnerabilities
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could
CVE-2023-47142
8.8 - High
- February 02, 2024
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267.
Permissions, Privileges, and Access Controls
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to cross-site scripting
CVE-2023-47144
6.1 - Medium
- February 02, 2024
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270271.
XSS
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection
CVE-2023-47143
9.8 - Critical
- February 02, 2024
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 270270.
Output Sanitization
IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could expose password hashes in stored in system memory on target systems
CVE-2018-1675
7.5 - High
- February 04, 2019
IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could expose password hashes in stored in system memory on target systems that are configured to use TADDM. IBM X-Force ID: 145110.
Information Disclosure
IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user
CVE-2018-1455
8.8 - High
- August 15, 2018
IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 11029.
Session Riding
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for IBM Tivoli Application Dependency Discovery Manager or by IBM? Click the Watch button to subscribe.
