Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibm Subscribe
Filtered by product Marketing Operations
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-4125 1 Ibm 1 Marketing Operations 2020-07-24 5.5 MEDIUM 8.1 HIGH
Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information.
CVE-2017-1119 1 Ibm 1 Marketing Operations 2019-10-09 4.0 MEDIUM 4.3 MEDIUM
IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171.
CVE-2016-6112 1 Ibm 3 Distributed Marketing, Marketing Operations, Marketing Platform 2017-05-30 6.5 MEDIUM 8.8 HIGH
IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282.
CVE-2014-8887 1 Ibm 1 Marketing Operations 2015-06-08 4.0 MEDIUM N/A
IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors.
CVE-2014-6222 1 Ibm 1 Marketing Operations 2015-06-08 4.0 MEDIUM N/A
Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.
CVE-2014-6175 1 Ibm 1 Marketing Operations 2015-06-08 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.