Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2020-4157 | Use of Hard-coded Credentials vulnerability in IBM Qradar Network Security 5.4.0/5.5.0 IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 5.0 |
| 2022-07-12 | CVE-2020-4159 | Information Exposure vulnerability in IBM Qradar Network Security 5.4.0/5.5.0 IBM QRadar Network Security 5.4.0 and 5.5.0 discloses sensitive information to unauthorized users which could be used to mount further attacks against the system. | 5.0 |
| 2022-07-12 | CVE-2021-39041 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.4.0/7.5.0 IBM QRadar SIEM 7.3, 7.4, and 7.5 may be vulnerable to partial denial of service attack, resulting in some protocols not listening to specified ports. | 5.0 |
| 2022-07-11 | CVE-2020-4138 | Unspecified vulnerability in IBM Security Siteprotector System 3.1.1 IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system. | 2.1 |
| 2022-07-11 | CVE-2020-4150 | Use of Hard-coded Credentials vulnerability in IBM Security Siteprotector System 3.1.1 IBM SiteProtector Appliance 3.1.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.5 |
| 2022-07-08 | CVE-2022-22370 | Cross-site Scripting vulnerability in IBM Security Verify Access IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting. | 3.5 |
| 2022-07-08 | CVE-2022-22463 | SQL Injection vulnerability in IBM Security Verify Access IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to SQL injection. | 6.4 |
| 2022-07-08 | CVE-2022-22464 | Inadequate Encryption Strength vulnerability in IBM Security Verify Access IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
| 2022-07-08 | CVE-2022-22465 | Unspecified vulnerability in IBM Security Verify Access IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. | 4.6 |
| 2022-07-08 | CVE-2022-22476 | Authentication Bypass by Spoofing vulnerability in IBM Open Liberty and Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. | 6.0 |