Ibm Infosphere_biginsights
20 CVEs affecting Ibm Infosphere_biginsights. Latest disclosed: 2018-04-20. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-1947 | High | 7.4 | 2015-12-31 | Untrusted search path vulnerability in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0, when a DB2 database is used, allows local users to gain privi… |
CVE-2015-1836 | High | 7.3 | 2015-12-21 | Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other produ… |
CVE-2015-1772 | High | 7.3 | 2015-12-21 | The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and… |
CVE-2014-4782 | Medium | 6.5 | 2018-04-20 | IBM InfoSphere BigInsights 2.1.2 allows remote authenticated users to discover SMTP server credentials via vectors related to the Alert management service. IBM… |
CVE-2013-3993 | Medium | 6.5 | 2014-07-07 | IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted data or cod… |
CVE-2017-1554 | Medium | 5.4 | 2017-11-01 | IBM Infosphere BigInsights 4.2.0 and 4.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicio… |
CVE-2017-1553 | Medium | 5.4 | 2017-11-01 | IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web… |
CVE-2017-1552 | Medium | 5.4 | 2017-11-01 | IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL link, a remote attacker… |
CVE-2017-1336 | Medium | 4.4 | 2017-12-07 | IBM Infosphere BigInsights 4.2.0 could allow an attacker to inject code that could allow access to restricted data and files. IBM X-Force ID: 126244. |
CVE-2015-5020 | Medium | 4.3 | 2016-01-02 | The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0 allows remote authenticated users to bypass intended access restrictions and… |
CVE-2015-4940 | | 2015-11-08 | Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows loc… | |
CVE-2015-4928 | | 2015-11-08 | Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext passwords on a Configs screen, which allows physically proxi… | |
CVE-2015-1889 | | 2015-04-22 | The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote authenticated users to bypass intended HDFS data-access restrictions via… | |
CVE-2014-4781 | | 2015-02-13 | The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3.0.0.2 allows remote attackers to obtain sensitive Alert management-services API informati… | |
CVE-2014-0905 | | 2014-08-17 | IBM InfoSphere BigInsights 2.0 through 2.1.2 does not set the secure flag for the LTPA cookie in an https session, which makes it easier for remote attackers t… | |
CVE-2013-3998 | | 2014-03-26 | CRLF injection vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights 1.1 and 2.x before 2.1 FP2 allows remote authenticated use… | |
CVE-2013-3997 | | 2014-03-26 | Open redirect vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights 1.1 and 2.x before 2.1 FP2 allows remote authenticated user… | |
CVE-2013-3996 | | 2013-08-06 | IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct phishing at… | |
CVE-2013-3995 | | 2013-08-06 | Cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights 1.1 through 2.1 allows remote authenticated users to inject arbitrary web script or HTML… | |
CVE-2013-3992 | | 2013-08-06 | Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere BigInsights 2.0 through 2.1 allows remote authenticated users to hijack the authentication of… |