IBM Tivoli Endpoint Manager Server < 8.2.1372 Multiple Vulnerabilities
Medium Nessus Plugin ID 66270
The remote host is affected by multiple vulnerabilities.
The remote host is running a version of IBM Tivoli Endpoint Manager Server prior to 8.2.1372. It is, therefore, affected by multiple vulnerabilities : - Multiple SSL related denial of service vulnerabilities exist. (CVE-2012-2686, CVE-2013-0166) - An SSL side-channel timing analysis attack allows full or partial plaintext recovery by a third-party listener. (CVE-2013-0169) - A cross-site request forgery vulnerability exists in the Use Analysis Application that can be exploited via a specially crafted AMF message. (CVE-2013-0452) - An unspecified cross-site scripting vulnerability exists in IBM Tivoli Endpoint Manager Web Reports. (CVE-2013-0453)
Upgrade to Tivoli Endpoint Manager Server 8.2.1372 or later.