Search

Find a vulnerability

Search criteria

    58 vulnerabilities found for tivoli_monitoring by ibm

    CVE-2025-3356 (GCVE-0-2025-3356)

    Vulnerability from nvd – Published: 2025-10-30 19:22 – Updated: 2025-10-30 19:41
    VLAI
    Title
    IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations
    Summary
    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view, overwrite, or append to arbitrary files on the system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7249694 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7 , ≤ 6.3.0.7 Service Pack 21 (semver)
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:sp21:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Aleksandr Tlyapov
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3356",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-30T19:38:43.818984Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-30T19:41:12.149Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:sp21:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.0.7 Service Pack 21",
                  "status": "affected",
                  "version": "6.3.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Aleksandr Tlyapov"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \u0026quot;dot dot\u0026quot; sequences (/../) to view, overwrite, or append to arbitrary files on the system.\u003c/p\u003e"
                }
              ],
              "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view, overwrite, or append to arbitrary files on the system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-30T19:22:37.371Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7249694"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eRemediation/Fixes IBM strongly recommends addressing the vulnerability by following the steps provided in the following technote: Remediation of CVE-2025-3355 and CVE-2025-3356\u003c/p\u003e"
                }
              ],
              "value": "Remediation/Fixes IBM strongly recommends addressing the vulnerability by following the steps provided in the following technote: Remediation of CVE-2025-3355 and CVE-2025-3356"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-3356",
        "datePublished": "2025-10-30T19:22:37.371Z",
        "dateReserved": "2025-04-06T21:05:59.220Z",
        "dateUpdated": "2025-10-30T19:41:12.149Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-3355 (GCVE-0-2025-3355)

    Vulnerability from nvd – Published: 2025-10-30 19:21 – Updated: 2025-10-30 19:51
    VLAI
    Title
    IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations
    Summary
    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7249694 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7 , ≤ 6.3.0.7 Service Pack 21 (semver)
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:sp21:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Aleksandr Tlyapov
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3355",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-30T19:49:59.308067Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-30T19:51:08.264Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:sp21:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.0.7 Service Pack 21",
                  "status": "affected",
                  "version": "6.3.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Aleksandr Tlyapov"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \u0026quot;dot dot\u0026quot; sequences (/../) to view arbitrary files on the system.\u003c/p\u003e"
                }
              ],
              "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-30T19:21:42.496Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7249694"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eRemediation/Fixes IBM strongly recommends addressing the vulnerability by following the steps provided in the following technote: Remediation of CVE-2025-3355 and CVE-2025-3356\u003c/p\u003e"
                }
              ],
              "value": "Remediation/Fixes IBM strongly recommends addressing the vulnerability by following the steps provided in the following technote: Remediation of CVE-2025-3355 and CVE-2025-3356"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-3355",
        "datePublished": "2025-10-30T19:21:42.496Z",
        "dateReserved": "2025-04-06T21:02:26.939Z",
        "dateUpdated": "2025-10-30T19:51:08.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-3354 (GCVE-0-2025-3354)

    Vulnerability from nvd – Published: 2025-08-06 13:50 – Updated: 2026-02-26 17:49
    VLAI
    Title
    IBM Tivoli Monitoring code execution
    Summary
    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7241472 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7 , ≤ 6.3.0.7 SP20 (semver)
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_20:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3354",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-07T03:55:22.863754Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:49:53.408Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_20:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.0.7 SP20",
                  "status": "affected",
                  "version": "6.3.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash."
                }
              ],
              "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-06T13:50:06.240Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7241472"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0021\u003cbr\u003e\u003cbr\u003e6.3.0.7-TIV-ITM-SP0021  6.3.0.7  IBM Tivoli Monitoring Service Pack 6.3.0.7-TIV-ITM-SP0021\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0021\n\n6.3.0.7-TIV-ITM-SP0021  6.3.0.7  IBM Tivoli Monitoring Service Pack 6.3.0.7-TIV-ITM-SP0021"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Tivoli Monitoring code execution",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-3354",
        "datePublished": "2025-08-06T13:50:06.240Z",
        "dateReserved": "2025-04-06T20:57:16.315Z",
        "dateUpdated": "2026-02-26T17:49:53.408Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-3320 (GCVE-0-2025-3320)

    Vulnerability from nvd – Published: 2025-08-06 13:49 – Updated: 2025-08-07 03:55
    VLAI
    Title
    IBM Tivoli Monitoring code execution
    Summary
    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7241472 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7 , ≤ 6.3.0.7 SP20 (semver)
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_20:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3320",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-06T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-07T03:55:20.363Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_20:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.0.7 SP20",
                  "status": "affected",
                  "version": "6.3.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash."
                }
              ],
              "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-06T13:49:35.970Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7241472"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0021\u003cbr\u003e\u003cbr\u003e6.3.0.7-TIV-ITM-SP0021  6.3.0.7  IBM Tivoli Monitoring Service Pack 6.3.0.7-TIV-ITM-SP0021\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0021\n\n6.3.0.7-TIV-ITM-SP0021  6.3.0.7  IBM Tivoli Monitoring Service Pack 6.3.0.7-TIV-ITM-SP0021"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Tivoli Monitoring code execution",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-3320",
        "datePublished": "2025-08-06T13:49:35.970Z",
        "dateReserved": "2025-04-05T13:35:40.648Z",
        "dateUpdated": "2025-08-07T03:55:20.363Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-3357 (GCVE-0-2025-3357)

    Vulnerability from nvd – Published: 2025-05-28 14:51 – Updated: 2026-02-26 18:27
    VLAI
    Title
    IBM Tivoli Monitoring code execution
    Summary
    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7234923 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7 , ≤ 6.3.0.7 SP15 (semver)
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_15:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Aleksandr Tlyapov
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3357",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-29T03:55:50.764227Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T18:27:50.921Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_15:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.0.7 SP15",
                  "status": "affected",
                  "version": "6.3.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Aleksandr Tlyapov"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19\u0026nbsp;could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array."
                }
              ],
              "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19\u00a0could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1285",
                  "description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-26T14:56:28.301Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7234923"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0020\u003c/span\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0020"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Tivoli Monitoring code execution",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-3357",
        "datePublished": "2025-05-28T14:51:29.649Z",
        "dateReserved": "2025-04-06T21:14:20.726Z",
        "dateUpdated": "2026-02-26T18:27:50.921Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-4311 (GCVE-0-2020-4311)

    Vulnerability from nvd – Published: 2020-04-23 13:10 – Updated: 2024-09-16 18:59
    VLAI
    Summary
    IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0
    Create a notification for this product.
    Date Public
    2020-04-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T08:00:06.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6198358"
              },
              {
                "name": "ibm-tivoli-cve20204311-code-exec (177083)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.3.0"
                }
              ]
            }
          ],
          "datePublic": "2020-04-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 6.4,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/S:U/UI:N/A:H/C:H/I:H/PR:N/AC:H/E:U/RL:O/RC:C",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-23T13:10:23.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/6198358"
            },
            {
              "name": "ibm-tivoli-cve20204311-code-exec (177083)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2020-04-22T00:00:00",
              "ID": "CVE-2020-4311",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.3.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "H",
                  "AC": "H",
                  "AV": "L",
                  "C": "H",
                  "I": "H",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/6198358",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 6198358 (Tivoli Monitoring)",
                  "url": "https://www.ibm.com/support/pages/node/6198358"
                },
                {
                  "name": "ibm-tivoli-cve20204311-code-exec (177083)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2020-4311",
        "datePublished": "2020-04-23T13:10:23.928Z",
        "dateReserved": "2019-12-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:59:33.454Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4592 (GCVE-0-2019-4592)

    Vulnerability from nvd – Published: 2020-02-13 15:40 – Updated: 2024-09-17 01:01
    VLAI
    Summary
    IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647.
    CWE
    • Denial of Service
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7.3
    Affected: 6.3.0.7.10
    Create a notification for this product.
    Date Public
    2020-02-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:40:47.515Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/2278617"
              },
              {
                "name": "ibm-tivoli-cve20194592-dos (167647)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.3.0.7.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7.10"
                }
              ]
            }
          ],
          "datePublic": "2020-02-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 6.5,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/A:H/AV:N/C:N/S:U/AC:L/I:N/UI:N/PR:N/RL:O/E:U/RC:C",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-13T15:40:21.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/2278617"
            },
            {
              "name": "ibm-tivoli-cve20194592-dos (167647)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2020-02-12T00:00:00",
              "ID": "CVE-2019-4592",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.3.0.7.3"
                              },
                              {
                                "version_value": "6.3.0.7.10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "H",
                  "AC": "L",
                  "AV": "N",
                  "C": "N",
                  "I": "N",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/2278617",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 2278617 (Tivoli Monitoring)",
                  "url": "https://www.ibm.com/support/pages/node/2278617"
                },
                {
                  "name": "ibm-tivoli-cve20194592-dos (167647)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4592",
        "datePublished": "2020-02-13T15:40:21.327Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:01:14.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1794 (GCVE-0-2017-1794)

    Vulnerability from nvd – Published: 2018-09-19 15:00 – Updated: 2024-09-16 20:57
    VLAI
    Summary
    IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.2.3
    Affected: 6.2.3.1
    Affected: 6.2.3.2
    Affected: 6.3.0
    Affected: 6.2.3.3
    Affected: 6.2.3.4
    Affected: 6.2.3.5
    Affected: 6.3.0.1
    Affected: 6.3.0.2
    Affected: 6.3.0.3
    Affected: 6.3.0.4
    Affected: 6.3.0.5
    Affected: 6.3.0.6
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2018-09-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:39:32.263Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ibm-tivoli-cve20171794-priv-escalation(137039)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.2"
                },
                {
                  "status": "affected",
                  "version": "6.3.0"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.4"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.6"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2018-09-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 6.5,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/A:H/AC:H/AV:N/C:H/I:H/PR:L/S:U/UI:N/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-19T14:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "ibm-tivoli-cve20171794-priv-escalation(137039)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2018-09-17T00:00:00",
              "ID": "CVE-2017-1794",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.3"
                              },
                              {
                                "version_value": "6.2.3.1"
                              },
                              {
                                "version_value": "6.2.3.2"
                              },
                              {
                                "version_value": "6.3.0"
                              },
                              {
                                "version_value": "6.2.3.3"
                              },
                              {
                                "version_value": "6.2.3.4"
                              },
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.3.0.1"
                              },
                              {
                                "version_value": "6.3.0.2"
                              },
                              {
                                "version_value": "6.3.0.3"
                              },
                              {
                                "version_value": "6.3.0.4"
                              },
                              {
                                "version_value": "6.3.0.5"
                              },
                              {
                                "version_value": "6.3.0.6"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "H",
                  "AC": "H",
                  "AV": "N",
                  "C": "H",
                  "I": "H",
                  "PR": "L",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ibm-tivoli-cve20171794-priv-escalation(137039)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
                },
                {
                  "name": "https://www.ibm.com/support/docview.wss?uid=swg22014097",
                  "refsource": "CONFIRM",
                  "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1794",
        "datePublished": "2018-09-19T15:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:57:57.753Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1789 (GCVE-0-2017-1789)

    Vulnerability from nvd – Published: 2018-03-22 12:00 – Updated: 2024-09-16 22:35
    VLAI
    Summary
    IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.3
    Affected: 6.3.0
    Affected: 6.2.3.1
    Affected: 6.2.3.2
    Affected: 6.2.3.3
    Affected: 6.2.3.4
    Affected: 6.2.3.5
    Affected: 6.3.0.1
    Affected: 6.3.0.2
    Affected: 6.3.0.3
    Affected: 6.3.0.4
    Affected: 6.3.0.5
    Affected: 6.3.0.6
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2018-03-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:39:32.288Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.4"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.6"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2018-03-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/A:H/AC:L/AV:N/C:H/I:H/PR:N/S:U/UI:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-22T11:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2018-03-13T00:00:00",
              "ID": "CVE-2017-1789",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.3"
                              },
                              {
                                "version_value": "6.3.0"
                              },
                              {
                                "version_value": "6.2.3.1"
                              },
                              {
                                "version_value": "6.2.3.2"
                              },
                              {
                                "version_value": "6.2.3.3"
                              },
                              {
                                "version_value": "6.2.3.4"
                              },
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.3.0.1"
                              },
                              {
                                "version_value": "6.3.0.2"
                              },
                              {
                                "version_value": "6.3.0.3"
                              },
                              {
                                "version_value": "6.3.0.4"
                              },
                              {
                                "version_value": "6.3.0.5"
                              },
                              {
                                "version_value": "6.3.0.6"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "H",
                  "AC": "L",
                  "AV": "N",
                  "C": "H",
                  "I": "H",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22014096",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
                },
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1789",
        "datePublished": "2018-03-22T12:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:35:36.871Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1635 (GCVE-0-2017-1635)

    Vulnerability from nvd – Published: 2017-12-13 18:00 – Updated: 2024-09-16 17:38
    VLAI
    Summary
    IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243.
    Severity
    No CVSS data available.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.2
    Affected: 6.2.2.2
    Affected: 6.2.2.3
    Affected: 6.2.2.4
    Affected: 6.2.2.5
    Affected: 6.2.2.6
    Affected: 6.2.2.7
    Affected: 6.2.2.8
    Affected: 6.2.2.9
    Create a notification for this product.
    Date Public
    2017-11-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:39:32.008Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
              },
              {
                "name": "101905",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/101905"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.7"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.8"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                }
              ]
            }
          ],
          "datePublic": "2017-11-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-14T10:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
            },
            {
              "name": "101905",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/101905"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2017-11-17T00:00:00",
              "ID": "CVE-2017-1635",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.2"
                              },
                              {
                                "version_value": "6.2.2.2"
                              },
                              {
                                "version_value": "6.2.2.3"
                              },
                              {
                                "version_value": "6.2.2.4"
                              },
                              {
                                "version_value": "6.2.2.5"
                              },
                              {
                                "version_value": "6.2.2.6"
                              },
                              {
                                "version_value": "6.2.2.7"
                              },
                              {
                                "version_value": "6.2.2.8"
                              },
                              {
                                "version_value": "6.2.2.9"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22010554",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
                },
                {
                  "name": "101905",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/101905"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1635",
        "datePublished": "2017-12-13T18:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:38:14.279Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1183 (GCVE-0-2017-1183)

    Vulnerability from nvd – Published: 2017-07-14 13:00 – Updated: 2024-09-16 20:52
    VLAI
    Summary
    IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.
    Severity
    No CVSS data available.
    CWE
    • Data Manipulation
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.3.5
    Affected: 6.2.2.9
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2017-07-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:25:17.497Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
              },
              {
                "name": "99610",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99610"
              },
              {
                "name": "1038913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038913"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2017-07-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Data Manipulation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-18T09:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
            },
            {
              "name": "99610",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99610"
            },
            {
              "name": "1038913",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038913"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2017-07-12T00:00:00",
              "ID": "CVE-2017-1183",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.2.2.9"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Data Manipulation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22003402",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
                },
                {
                  "name": "99610",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99610"
                },
                {
                  "name": "1038913",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038913"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1183",
        "datePublished": "2017-07-14T13:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:52:33.757Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1182 (GCVE-0-2017-1182)

    Vulnerability from nvd – Published: 2017-07-14 13:00 – Updated: 2024-09-16 19:04
    VLAI
    Summary
    IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493.
    Severity
    No CVSS data available.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.3.5
    Affected: 6.2.2.9
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2017-07-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:25:17.407Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
              },
              {
                "name": "1038913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038913"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2017-07-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-18T09:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
            },
            {
              "name": "1038913",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038913"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2017-07-12T00:00:00",
              "ID": "CVE-2017-1182",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.2.2.9"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22003402",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
                },
                {
                  "name": "1038913",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038913"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1182",
        "datePublished": "2017-07-14T13:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:04:42.739Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1181 (GCVE-0-2017-1181)

    Vulnerability from nvd – Published: 2017-07-14 13:00 – Updated: 2024-09-17 04:29
    VLAI
    Summary
    IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487.
    Severity
    No CVSS data available.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.3.5
    Affected: 6.2.2.9
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2017-07-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:25:17.376Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
              },
              {
                "name": "99596",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99596"
              },
              {
                "name": "1038913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038913"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2017-07-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-18T09:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
            },
            {
              "name": "99596",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99596"
            },
            {
              "name": "1038913",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038913"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2017-07-12T00:00:00",
              "ID": "CVE-2017-1181",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.2.2.9"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22003402",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
                },
                {
                  "name": "99596",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99596"
                },
                {
                  "name": "1038913",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038913"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1181",
        "datePublished": "2017-07-14T13:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:29:08.459Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-6083 (GCVE-0-2016-6083)

    Vulnerability from nvd – Published: 2017-06-27 16:00 – Updated: 2024-08-06 01:22
    VLAI
    Summary
    IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696.
    Severity
    No CVSS data available.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.2
    Affected: 6.2.3
    Affected: 6.3.0
    Affected: 6.2.3.1
    Affected: 6.2.3.2
    Affected: 6.2.3.3
    Affected: 6.2.3.4
    Affected: 6.2.3.5
    Affected: 6.3
    Affected: 6.3.0.1
    Affected: 6.3.0.2
    Affected: 6.3.0.3
    Affected: 6.3.0.4
    Affected: 6.3.0.5
    Affected: 6.3.0.6
    Affected: 6.2.2.2
    Affected: 6.2.2.3
    Affected: 6.2.2.4
    Affected: 6.2.2.5
    Affected: 6.2.2.6
    Affected: 6.2.2.7
    Affected: 6.2.2.8
    Affected: 6.2.2.9
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2017-03-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:22:19.711Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
              },
              {
                "name": "99259",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99259"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.4"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.7"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.8"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2017-03-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-28T09:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
            },
            {
              "name": "99259",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99259"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-6083",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.2"
                              },
                              {
                                "version_value": "6.2.3"
                              },
                              {
                                "version_value": "6.3.0"
                              },
                              {
                                "version_value": "6.2.3.1"
                              },
                              {
                                "version_value": "6.2.3.2"
                              },
                              {
                                "version_value": "6.2.3.3"
                              },
                              {
                                "version_value": "6.2.3.4"
                              },
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.3"
                              },
                              {
                                "version_value": "6.3.0.1"
                              },
                              {
                                "version_value": "6.3.0.2"
                              },
                              {
                                "version_value": "6.3.0.3"
                              },
                              {
                                "version_value": "6.3.0.4"
                              },
                              {
                                "version_value": "6.3.0.5"
                              },
                              {
                                "version_value": "6.3.0.6"
                              },
                              {
                                "version_value": "6.2.2.2"
                              },
                              {
                                "version_value": "6.2.2.3"
                              },
                              {
                                "version_value": "6.2.2.4"
                              },
                              {
                                "version_value": "6.2.2.5"
                              },
                              {
                                "version_value": "6.2.2.6"
                              },
                              {
                                "version_value": "6.2.2.7"
                              },
                              {
                                "version_value": "6.2.2.8"
                              },
                              {
                                "version_value": "6.2.2.9"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22000909",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
                },
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
                },
                {
                  "name": "99259",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99259"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-6083",
        "datePublished": "2017-06-27T16:00:00.000Z",
        "dateReserved": "2016-06-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:22:19.711Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-5933 (GCVE-0-2016-5933)

    Vulnerability from nvd – Published: 2017-03-08 19:00 – Updated: 2024-08-06 01:15
    VLAI
    Summary
    IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223.
    Severity
    No CVSS data available.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Tivoli Monitoring V6 Affected: 6.2.0
    Affected: 6.2.1
    Affected: 6.2.2
    Affected: 6.2.3
    Affected: 6.3.0
    Affected: 6.2.3.1
    Affected: 6.2.3.2
    Affected: 6.2.3.3
    Affected: 6.2.3.4
    Affected: 6.2.3.5
    Affected: 6.3
    Affected: 6.3.0.1
    Affected: 6.3.0.2
    Affected: 6.3.0.3
    Affected: 6.3.0.4
    Affected: 6.3.1
    Affected: 6.3.0.5
    Affected: 6.3.0.6
    Affected: 6.2.2.2
    Affected: 6.2.2.3
    Affected: 6.2.2.4
    Affected: 6.2.2.5
    Affected: 6.2.2.6
    Affected: 6.2.2.7
    Affected: 6.2.2.8
    Affected: 6.2.2.9
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2017-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:15:09.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.0"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.4"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.7"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.8"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2017-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-03-08T18:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-5933",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.0"
                              },
                              {
                                "version_value": "6.2.1"
                              },
                              {
                                "version_value": "6.2.2"
                              },
                              {
                                "version_value": "6.2.3"
                              },
                              {
                                "version_value": "6.3.0"
                              },
                              {
                                "version_value": "6.2.3.1"
                              },
                              {
                                "version_value": "6.2.3.2"
                              },
                              {
                                "version_value": "6.2.3.3"
                              },
                              {
                                "version_value": "6.2.3.4"
                              },
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.3"
                              },
                              {
                                "version_value": "6.3.0.1"
                              },
                              {
                                "version_value": "6.3.0.2"
                              },
                              {
                                "version_value": "6.3.0.3"
                              },
                              {
                                "version_value": "6.3.0.4"
                              },
                              {
                                "version_value": "6.3.1"
                              },
                              {
                                "version_value": "6.3.0.5"
                              },
                              {
                                "version_value": "6.3.0.6"
                              },
                              {
                                "version_value": "6.2.2.2"
                              },
                              {
                                "version_value": "6.2.2.3"
                              },
                              {
                                "version_value": "6.2.2.4"
                              },
                              {
                                "version_value": "6.2.2.5"
                              },
                              {
                                "version_value": "6.2.2.6"
                              },
                              {
                                "version_value": "6.2.2.7"
                              },
                              {
                                "version_value": "6.2.2.8"
                              },
                              {
                                "version_value": "6.2.2.9"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg21997223",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-5933",
        "datePublished": "2017-03-08T19:00:00.000Z",
        "dateReserved": "2016-06-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:15:09.988Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-3356 (GCVE-0-2025-3356)

    Vulnerability from cvelistv5 – Published: 2025-10-30 19:22 – Updated: 2025-10-30 19:41
    VLAI
    Title
    IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations
    Summary
    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view, overwrite, or append to arbitrary files on the system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7249694 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7 , ≤ 6.3.0.7 Service Pack 21 (semver)
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:sp21:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Aleksandr Tlyapov
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3356",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-30T19:38:43.818984Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-30T19:41:12.149Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:sp21:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.0.7 Service Pack 21",
                  "status": "affected",
                  "version": "6.3.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Aleksandr Tlyapov"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \u0026quot;dot dot\u0026quot; sequences (/../) to view, overwrite, or append to arbitrary files on the system.\u003c/p\u003e"
                }
              ],
              "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view, overwrite, or append to arbitrary files on the system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-30T19:22:37.371Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7249694"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eRemediation/Fixes IBM strongly recommends addressing the vulnerability by following the steps provided in the following technote: Remediation of CVE-2025-3355 and CVE-2025-3356\u003c/p\u003e"
                }
              ],
              "value": "Remediation/Fixes IBM strongly recommends addressing the vulnerability by following the steps provided in the following technote: Remediation of CVE-2025-3355 and CVE-2025-3356"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-3356",
        "datePublished": "2025-10-30T19:22:37.371Z",
        "dateReserved": "2025-04-06T21:05:59.220Z",
        "dateUpdated": "2025-10-30T19:41:12.149Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-3355 (GCVE-0-2025-3355)

    Vulnerability from cvelistv5 – Published: 2025-10-30 19:21 – Updated: 2025-10-30 19:51
    VLAI
    Title
    IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations
    Summary
    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7249694 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7 , ≤ 6.3.0.7 Service Pack 21 (semver)
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:sp21:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Aleksandr Tlyapov
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3355",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-30T19:49:59.308067Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-30T19:51:08.264Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:sp21:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.0.7 Service Pack 21",
                  "status": "affected",
                  "version": "6.3.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Aleksandr Tlyapov"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \u0026quot;dot dot\u0026quot; sequences (/../) to view arbitrary files on the system.\u003c/p\u003e"
                }
              ],
              "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-30T19:21:42.496Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7249694"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eRemediation/Fixes IBM strongly recommends addressing the vulnerability by following the steps provided in the following technote: Remediation of CVE-2025-3355 and CVE-2025-3356\u003c/p\u003e"
                }
              ],
              "value": "Remediation/Fixes IBM strongly recommends addressing the vulnerability by following the steps provided in the following technote: Remediation of CVE-2025-3355 and CVE-2025-3356"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Tivoli Monitoring is vulnerable to unauthenticated file read and write operations",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-3355",
        "datePublished": "2025-10-30T19:21:42.496Z",
        "dateReserved": "2025-04-06T21:02:26.939Z",
        "dateUpdated": "2025-10-30T19:51:08.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-3354 (GCVE-0-2025-3354)

    Vulnerability from cvelistv5 – Published: 2025-08-06 13:50 – Updated: 2026-02-26 17:49
    VLAI
    Title
    IBM Tivoli Monitoring code execution
    Summary
    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7241472 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7 , ≤ 6.3.0.7 SP20 (semver)
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_20:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3354",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-07T03:55:22.863754Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:49:53.408Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_20:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.0.7 SP20",
                  "status": "affected",
                  "version": "6.3.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash."
                }
              ],
              "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-06T13:50:06.240Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7241472"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0021\u003cbr\u003e\u003cbr\u003e6.3.0.7-TIV-ITM-SP0021  6.3.0.7  IBM Tivoli Monitoring Service Pack 6.3.0.7-TIV-ITM-SP0021\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0021\n\n6.3.0.7-TIV-ITM-SP0021  6.3.0.7  IBM Tivoli Monitoring Service Pack 6.3.0.7-TIV-ITM-SP0021"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Tivoli Monitoring code execution",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-3354",
        "datePublished": "2025-08-06T13:50:06.240Z",
        "dateReserved": "2025-04-06T20:57:16.315Z",
        "dateUpdated": "2026-02-26T17:49:53.408Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-3320 (GCVE-0-2025-3320)

    Vulnerability from cvelistv5 – Published: 2025-08-06 13:49 – Updated: 2025-08-07 03:55
    VLAI
    Title
    IBM Tivoli Monitoring code execution
    Summary
    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7241472 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7 , ≤ 6.3.0.7 SP20 (semver)
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_20:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3320",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-06T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-08-07T03:55:20.363Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_20:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.0.7 SP20",
                  "status": "affected",
                  "version": "6.3.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash."
                }
              ],
              "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122 Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-06T13:49:35.970Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7241472"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0021\u003cbr\u003e\u003cbr\u003e6.3.0.7-TIV-ITM-SP0021  6.3.0.7  IBM Tivoli Monitoring Service Pack 6.3.0.7-TIV-ITM-SP0021\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0021\n\n6.3.0.7-TIV-ITM-SP0021  6.3.0.7  IBM Tivoli Monitoring Service Pack 6.3.0.7-TIV-ITM-SP0021"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Tivoli Monitoring code execution",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-3320",
        "datePublished": "2025-08-06T13:49:35.970Z",
        "dateReserved": "2025-04-05T13:35:40.648Z",
        "dateUpdated": "2025-08-07T03:55:20.363Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-3357 (GCVE-0-2025-3357)

    Vulnerability from cvelistv5 – Published: 2025-05-28 14:51 – Updated: 2026-02-26 18:27
    VLAI
    Title
    IBM Tivoli Monitoring code execution
    Summary
    IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19 could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7234923 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7 , ≤ 6.3.0.7 SP15 (semver)
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_15:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Aleksandr Tlyapov
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-3357",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-29T03:55:50.764227Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T18:27:50.921Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:tivoli_monitoring:6.3.0.7:service_pack_15:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "6.3.0.7 SP15",
                  "status": "affected",
                  "version": "6.3.0.7",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Aleksandr Tlyapov"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19\u0026nbsp;could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array."
                }
              ],
              "value": "IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 19\u00a0could allow a remote attacker to execute arbitrary code due to improper validation of an index value of a dynamically allocated array."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1285",
                  "description": "CWE-1285 Improper Validation of Specified Index, Position, or Offset in Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-26T14:56:28.301Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7234923"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0020\u003c/span\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "IBM strongly recommends addressing the vulnerability now by upgrading to 6.3.0.7-SP0020"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM Tivoli Monitoring code execution",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-3357",
        "datePublished": "2025-05-28T14:51:29.649Z",
        "dateReserved": "2025-04-06T21:14:20.726Z",
        "dateUpdated": "2026-02-26T18:27:50.921Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-4311 (GCVE-0-2020-4311)

    Vulnerability from cvelistv5 – Published: 2020-04-23 13:10 – Updated: 2024-09-16 18:59
    VLAI
    Summary
    IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0
    Create a notification for this product.
    Date Public
    2020-04-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T08:00:06.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/6198358"
              },
              {
                "name": "ibm-tivoli-cve20204311-code-exec (177083)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.3.0"
                }
              ]
            }
          ],
          "datePublic": "2020-04-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 6.4,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/S:U/UI:N/A:H/C:H/I:H/PR:N/AC:H/E:U/RL:O/RC:C",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-23T13:10:23.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/6198358"
            },
            {
              "name": "ibm-tivoli-cve20204311-code-exec (177083)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2020-04-22T00:00:00",
              "ID": "CVE-2020-4311",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.3.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring 6.3.0 could allow a local attacker to execute arbitrary code on the system. By placing a specially crafted file, an attacker could exploit this vulnerability to load other DLL files located in the same directory and execute arbitrary code on the system. IBM X-Force ID: 177083."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "H",
                  "AC": "H",
                  "AV": "L",
                  "C": "H",
                  "I": "H",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/6198358",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 6198358 (Tivoli Monitoring)",
                  "url": "https://www.ibm.com/support/pages/node/6198358"
                },
                {
                  "name": "ibm-tivoli-cve20204311-code-exec (177083)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/177083"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2020-4311",
        "datePublished": "2020-04-23T13:10:23.928Z",
        "dateReserved": "2019-12-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:59:33.454Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-4592 (GCVE-0-2019-4592)

    Vulnerability from cvelistv5 – Published: 2020-02-13 15:40 – Updated: 2024-09-17 01:01
    VLAI
    Summary
    IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647.
    CWE
    • Denial of Service
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.3.0.7.3
    Affected: 6.3.0.7.10
    Create a notification for this product.
    Date Public
    2020-02-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:40:47.515Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/pages/node/2278617"
              },
              {
                "name": "ibm-tivoli-cve20194592-dos (167647)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.3.0.7.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7.10"
                }
              ]
            }
          ],
          "datePublic": "2020-02-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 6.5,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/A:H/AV:N/C:N/S:U/AC:L/I:N/UI:N/PR:N/RL:O/E:U/RC:C",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-13T15:40:21.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/pages/node/2278617"
            },
            {
              "name": "ibm-tivoli-cve20194592-dos (167647)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2020-02-12T00:00:00",
              "ID": "CVE-2019-4592",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.3.0.7.3"
                              },
                              {
                                "version_value": "6.3.0.7.10"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "H",
                  "AC": "L",
                  "AV": "N",
                  "C": "N",
                  "I": "N",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.ibm.com/support/pages/node/2278617",
                  "refsource": "CONFIRM",
                  "title": "IBM Security Bulletin 2278617 (Tivoli Monitoring)",
                  "url": "https://www.ibm.com/support/pages/node/2278617"
                },
                {
                  "name": "ibm-tivoli-cve20194592-dos (167647)",
                  "refsource": "XF",
                  "title": "X-Force Vulnerability Report",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/167647"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2019-4592",
        "datePublished": "2020-02-13T15:40:21.327Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:01:14.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1794 (GCVE-0-2017-1794)

    Vulnerability from cvelistv5 – Published: 2018-09-19 15:00 – Updated: 2024-09-16 20:57
    VLAI
    Summary
    IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring Affected: 6.2.3
    Affected: 6.2.3.1
    Affected: 6.2.3.2
    Affected: 6.3.0
    Affected: 6.2.3.3
    Affected: 6.2.3.4
    Affected: 6.2.3.5
    Affected: 6.3.0.1
    Affected: 6.3.0.2
    Affected: 6.3.0.3
    Affected: 6.3.0.4
    Affected: 6.3.0.5
    Affected: 6.3.0.6
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2018-09-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:39:32.263Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ibm-tivoli-cve20171794-priv-escalation(137039)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.2"
                },
                {
                  "status": "affected",
                  "version": "6.3.0"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.4"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.6"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2018-09-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitCodeMaturity": "UNPROVEN",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "remediationLevel": "OFFICIAL_FIX",
                "reportConfidence": "CONFIRMED",
                "scope": "UNCHANGED",
                "temporalScore": 6.5,
                "temporalSeverity": "MEDIUM",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/A:H/AC:H/AV:N/C:H/I:H/PR:L/S:U/UI:N/E:U/RC:C/RL:O",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-09-19T14:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "ibm-tivoli-cve20171794-priv-escalation(137039)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2018-09-17T00:00:00",
              "ID": "CVE-2017-1794",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.3"
                              },
                              {
                                "version_value": "6.2.3.1"
                              },
                              {
                                "version_value": "6.2.3.2"
                              },
                              {
                                "version_value": "6.3.0"
                              },
                              {
                                "version_value": "6.2.3.3"
                              },
                              {
                                "version_value": "6.2.3.4"
                              },
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.3.0.1"
                              },
                              {
                                "version_value": "6.3.0.2"
                              },
                              {
                                "version_value": "6.3.0.3"
                              },
                              {
                                "version_value": "6.3.0.4"
                              },
                              {
                                "version_value": "6.3.0.5"
                              },
                              {
                                "version_value": "6.3.0.6"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. IBM X-Force ID: 137039."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "H",
                  "AC": "H",
                  "AV": "N",
                  "C": "H",
                  "I": "H",
                  "PR": "L",
                  "S": "U",
                  "UI": "N"
                },
                "TM": {
                  "E": "U",
                  "RC": "C",
                  "RL": "O"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ibm-tivoli-cve20171794-priv-escalation(137039)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137039"
                },
                {
                  "name": "https://www.ibm.com/support/docview.wss?uid=swg22014097",
                  "refsource": "CONFIRM",
                  "url": "https://www.ibm.com/support/docview.wss?uid=swg22014097"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1794",
        "datePublished": "2018-09-19T15:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:57:57.753Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1789 (GCVE-0-2017-1789)

    Vulnerability from cvelistv5 – Published: 2018-03-22 12:00 – Updated: 2024-09-16 22:35
    VLAI
    Summary
    IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.3
    Affected: 6.3.0
    Affected: 6.2.3.1
    Affected: 6.2.3.2
    Affected: 6.2.3.3
    Affected: 6.2.3.4
    Affected: 6.2.3.5
    Affected: 6.3.0.1
    Affected: 6.3.0.2
    Affected: 6.3.0.3
    Affected: 6.3.0.4
    Affected: 6.3.0.5
    Affected: 6.3.0.6
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2018-03-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:39:32.288Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.4"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.6"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2018-03-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/A:H/AC:L/AV:N/C:H/I:H/PR:N/S:U/UI:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-22T11:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2018-03-13T00:00:00",
              "ID": "CVE-2017-1789",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.3"
                              },
                              {
                                "version_value": "6.3.0"
                              },
                              {
                                "version_value": "6.2.3.1"
                              },
                              {
                                "version_value": "6.2.3.2"
                              },
                              {
                                "version_value": "6.2.3.3"
                              },
                              {
                                "version_value": "6.2.3.4"
                              },
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.3.0.1"
                              },
                              {
                                "version_value": "6.3.0.2"
                              },
                              {
                                "version_value": "6.3.0.3"
                              },
                              {
                                "version_value": "6.3.0.4"
                              },
                              {
                                "version_value": "6.3.0.5"
                              },
                              {
                                "version_value": "6.3.0.6"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034."
                }
              ]
            },
            "impact": {
              "cvssv3": {
                "BM": {
                  "A": "H",
                  "AC": "L",
                  "AV": "N",
                  "C": "H",
                  "I": "H",
                  "PR": "N",
                  "S": "U",
                  "UI": "N"
                }
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22014096",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22014096"
                },
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137034"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1789",
        "datePublished": "2018-03-22T12:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:35:36.871Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1635 (GCVE-0-2017-1635)

    Vulnerability from cvelistv5 – Published: 2017-12-13 18:00 – Updated: 2024-09-16 17:38
    VLAI
    Summary
    IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243.
    Severity
    No CVSS data available.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.2
    Affected: 6.2.2.2
    Affected: 6.2.2.3
    Affected: 6.2.2.4
    Affected: 6.2.2.5
    Affected: 6.2.2.6
    Affected: 6.2.2.7
    Affected: 6.2.2.8
    Affected: 6.2.2.9
    Create a notification for this product.
    Date Public
    2017-11-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:39:32.008Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
              },
              {
                "name": "101905",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/101905"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.7"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.8"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                }
              ]
            }
          ],
          "datePublic": "2017-11-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-14T10:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
            },
            {
              "name": "101905",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/101905"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2017-11-17T00:00:00",
              "ID": "CVE-2017-1635",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.2"
                              },
                              {
                                "version_value": "6.2.2.2"
                              },
                              {
                                "version_value": "6.2.2.3"
                              },
                              {
                                "version_value": "6.2.2.4"
                              },
                              {
                                "version_value": "6.2.2.5"
                              },
                              {
                                "version_value": "6.2.2.6"
                              },
                              {
                                "version_value": "6.2.2.7"
                              },
                              {
                                "version_value": "6.2.2.8"
                              },
                              {
                                "version_value": "6.2.2.9"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring V6 6.2.2.x could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. A remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 133243."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133243"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22010554",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22010554"
                },
                {
                  "name": "101905",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/101905"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1635",
        "datePublished": "2017-12-13T18:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:38:14.279Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1181 (GCVE-0-2017-1181)

    Vulnerability from cvelistv5 – Published: 2017-07-14 13:00 – Updated: 2024-09-17 04:29
    VLAI
    Summary
    IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487.
    Severity
    No CVSS data available.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.3.5
    Affected: 6.2.2.9
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2017-07-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:25:17.376Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
              },
              {
                "name": "99596",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99596"
              },
              {
                "name": "1038913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038913"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2017-07-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-18T09:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
            },
            {
              "name": "99596",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99596"
            },
            {
              "name": "1038913",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038913"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2017-07-12T00:00:00",
              "ID": "CVE-2017-1181",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.2.2.9"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. IBM X-Force ID: 123487."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123487"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22003402",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
                },
                {
                  "name": "99596",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99596"
                },
                {
                  "name": "1038913",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038913"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1181",
        "datePublished": "2017-07-14T13:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:29:08.459Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1183 (GCVE-0-2017-1183)

    Vulnerability from cvelistv5 – Published: 2017-07-14 13:00 – Updated: 2024-09-16 20:52
    VLAI
    Summary
    IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494.
    Severity
    No CVSS data available.
    CWE
    • Data Manipulation
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.3.5
    Affected: 6.2.2.9
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2017-07-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:25:17.497Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
              },
              {
                "name": "99610",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99610"
              },
              {
                "name": "1038913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038913"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2017-07-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Data Manipulation",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-18T09:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
            },
            {
              "name": "99610",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99610"
            },
            {
              "name": "1038913",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038913"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2017-07-12T00:00:00",
              "ID": "CVE-2017-1183",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.2.2.9"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Data Manipulation"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123494"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22003402",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
                },
                {
                  "name": "99610",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99610"
                },
                {
                  "name": "1038913",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038913"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1183",
        "datePublished": "2017-07-14T13:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:52:33.757Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1182 (GCVE-0-2017-1182)

    Vulnerability from cvelistv5 – Published: 2017-07-14 13:00 – Updated: 2024-09-16 19:04
    VLAI
    Summary
    IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493.
    Severity
    No CVSS data available.
    CWE
    • Gain Privileges
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.3.5
    Affected: 6.2.2.9
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2017-07-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:25:17.407Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
              },
              {
                "name": "1038913",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1038913"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2017-07-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Privileges",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-18T09:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
            },
            {
              "name": "1038913",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1038913"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2017-07-12T00:00:00",
              "ID": "CVE-2017-1182",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.2.2.9"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Privileges"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123493"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22003402",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22003402"
                },
                {
                  "name": "1038913",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1038913"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1182",
        "datePublished": "2017-07-14T13:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:04:42.739Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-6083 (GCVE-0-2016-6083)

    Vulnerability from cvelistv5 – Published: 2017-06-27 16:00 – Updated: 2024-08-06 01:22
    VLAI
    Summary
    IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696.
    Severity
    No CVSS data available.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Tivoli Monitoring V6 Affected: 6.2.2
    Affected: 6.2.3
    Affected: 6.3.0
    Affected: 6.2.3.1
    Affected: 6.2.3.2
    Affected: 6.2.3.3
    Affected: 6.2.3.4
    Affected: 6.2.3.5
    Affected: 6.3
    Affected: 6.3.0.1
    Affected: 6.3.0.2
    Affected: 6.3.0.3
    Affected: 6.3.0.4
    Affected: 6.3.0.5
    Affected: 6.3.0.6
    Affected: 6.2.2.2
    Affected: 6.2.2.3
    Affected: 6.2.2.4
    Affected: 6.2.2.5
    Affected: 6.2.2.6
    Affected: 6.2.2.7
    Affected: 6.2.2.8
    Affected: 6.2.2.9
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2017-03-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:22:19.711Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
              },
              {
                "name": "99259",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99259"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.4"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.7"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.8"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2017-03-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-28T09:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
            },
            {
              "name": "99259",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99259"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-6083",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.2"
                              },
                              {
                                "version_value": "6.2.3"
                              },
                              {
                                "version_value": "6.3.0"
                              },
                              {
                                "version_value": "6.2.3.1"
                              },
                              {
                                "version_value": "6.2.3.2"
                              },
                              {
                                "version_value": "6.2.3.3"
                              },
                              {
                                "version_value": "6.2.3.4"
                              },
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.3"
                              },
                              {
                                "version_value": "6.3.0.1"
                              },
                              {
                                "version_value": "6.3.0.2"
                              },
                              {
                                "version_value": "6.3.0.3"
                              },
                              {
                                "version_value": "6.3.0.4"
                              },
                              {
                                "version_value": "6.3.0.5"
                              },
                              {
                                "version_value": "6.3.0.6"
                              },
                              {
                                "version_value": "6.2.2.2"
                              },
                              {
                                "version_value": "6.2.2.3"
                              },
                              {
                                "version_value": "6.2.2.4"
                              },
                              {
                                "version_value": "6.2.2.5"
                              },
                              {
                                "version_value": "6.2.2.6"
                              },
                              {
                                "version_value": "6.2.2.7"
                              },
                              {
                                "version_value": "6.2.2.8"
                              },
                              {
                                "version_value": "6.2.2.9"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring V6 could allow an unauthenticated user to access SOAP queries that could contain sensitive information. IBM X-Force ID: 117696."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22000909",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22000909"
                },
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/117696"
                },
                {
                  "name": "99259",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99259"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-6083",
        "datePublished": "2017-06-27T16:00:00.000Z",
        "dateReserved": "2016-06-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:22:19.711Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-5933 (GCVE-0-2016-5933)

    Vulnerability from cvelistv5 – Published: 2017-03-08 19:00 – Updated: 2024-08-06 01:15
    VLAI
    Summary
    IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223.
    Severity
    No CVSS data available.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Tivoli Monitoring V6 Affected: 6.2.0
    Affected: 6.2.1
    Affected: 6.2.2
    Affected: 6.2.3
    Affected: 6.3.0
    Affected: 6.2.3.1
    Affected: 6.2.3.2
    Affected: 6.2.3.3
    Affected: 6.2.3.4
    Affected: 6.2.3.5
    Affected: 6.3
    Affected: 6.3.0.1
    Affected: 6.3.0.2
    Affected: 6.3.0.3
    Affected: 6.3.0.4
    Affected: 6.3.1
    Affected: 6.3.0.5
    Affected: 6.3.0.6
    Affected: 6.2.2.2
    Affected: 6.2.2.3
    Affected: 6.2.2.4
    Affected: 6.2.2.5
    Affected: 6.2.2.6
    Affected: 6.2.2.7
    Affected: 6.2.2.8
    Affected: 6.2.2.9
    Affected: 6.3.0.7
    Create a notification for this product.
    Date Public
    2017-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:15:09.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Tivoli Monitoring V6",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.2.0"
                },
                {
                  "status": "affected",
                  "version": "6.2.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.3.5"
                },
                {
                  "status": "affected",
                  "version": "6.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.2"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.3"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.4"
                },
                {
                  "status": "affected",
                  "version": "6.3.1"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.5"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.2"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.3"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.4"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.5"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.6"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.7"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.8"
                },
                {
                  "status": "affected",
                  "version": "6.2.2.9"
                },
                {
                  "status": "affected",
                  "version": "6.3.0.7"
                }
              ]
            }
          ],
          "datePublic": "2017-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-03-08T18:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-5933",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Tivoli Monitoring V6",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.2.0"
                              },
                              {
                                "version_value": "6.2.1"
                              },
                              {
                                "version_value": "6.2.2"
                              },
                              {
                                "version_value": "6.2.3"
                              },
                              {
                                "version_value": "6.3.0"
                              },
                              {
                                "version_value": "6.2.3.1"
                              },
                              {
                                "version_value": "6.2.3.2"
                              },
                              {
                                "version_value": "6.2.3.3"
                              },
                              {
                                "version_value": "6.2.3.4"
                              },
                              {
                                "version_value": "6.2.3.5"
                              },
                              {
                                "version_value": "6.3"
                              },
                              {
                                "version_value": "6.3.0.1"
                              },
                              {
                                "version_value": "6.3.0.2"
                              },
                              {
                                "version_value": "6.3.0.3"
                              },
                              {
                                "version_value": "6.3.0.4"
                              },
                              {
                                "version_value": "6.3.1"
                              },
                              {
                                "version_value": "6.3.0.5"
                              },
                              {
                                "version_value": "6.3.0.6"
                              },
                              {
                                "version_value": "6.2.2.2"
                              },
                              {
                                "version_value": "6.2.2.3"
                              },
                              {
                                "version_value": "6.2.2.4"
                              },
                              {
                                "version_value": "6.2.2.5"
                              },
                              {
                                "version_value": "6.2.2.6"
                              },
                              {
                                "version_value": "6.2.2.7"
                              },
                              {
                                "version_value": "6.2.2.8"
                              },
                              {
                                "version_value": "6.2.2.9"
                              },
                              {
                                "version_value": "6.3.0.7"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Tivoli Monitoring 6.2 and 6.3 is vulnerable to possible host header injection attack that could lead to HTTP cache poisoning or firewall bypass. IBM Reference #: 1997223."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg21997223",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg21997223"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-5933",
        "datePublished": "2017-03-08T19:00:00.000Z",
        "dateReserved": "2016-06-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:15:09.988Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }