Vulnerabilities > IBM

DATE CVE VULNERABILITY TITLE RISK
2024-02-26 CVE-2023-32344 IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path.
network
low complexity
netapp ibm
4.3
2024-02-26 CVE-2023-38359 IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting.
network
low complexity
netapp ibm
6.1
2024-02-26 CVE-2023-43051 IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting.
network
low complexity
netapp ibm
5.4
2024-02-21 CVE-2023-33843 Unspecified vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
2024-02-21 CVE-2023-50955 Path Traversal vulnerability in IBM Infosphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow an authenticated privileged user to obtain the absolute path of the web server installation which could aid in further attacks against the system.
network
low complexity
ibm CWE-22
2.7
2024-02-17 CVE-2023-50951 Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 in some circumstances will log some sensitive information about invalid authorization attempts.
network
low complexity
ibm
4.3
2024-02-17 CVE-2024-22335 Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
ibm
5.5
2024-02-17 CVE-2024-22336 Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
ibm
5.5
2024-02-17 CVE-2024-22337 Unspecified vulnerability in IBM Cloud PAK for Security and Qradar Suite
IBM QRadar Suite 1.10.12.0 through 1.10.17.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
ibm
5.5
2024-02-14 CVE-2023-46186 Unspecified vulnerability in IBM Jazz for Service Management 1.1.3.20
IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive file information using forced browsing due to improper access controls.
network
low complexity
ibm
7.5