Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe

Filtered by product Cloud Automation Manager

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-4132	1 Ibm	1 Cloud Automation Manager	2020-08-24	2.1 LOW	3.3 LOW
IBM Cloud Automation Manager 3.1.2 could allow a user to be impropertly redirected and obtain sensitive information rather than receive a 404 error message. IBM X-Force ID: 158274.
CVE-2019-4616	2 Ibm, Linux	2 Cloud Automation Manager, Linux Kernel	2020-08-24	2.9 LOW	3.5 LOW
IBM Cloud Automation Manager 3.2.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 168644.