Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-02 | CVE-2023-38273 | Unspecified vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3.1.1, 2.3.2.0, and 2.3.3.7 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
| 2024-02-02 | CVE-2023-47142 | Unspecified vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. low complexity ibm | 8.8 |
| 2024-02-02 | CVE-2023-47143 | Improper Encoding or Escaping of Output vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 9.8 |
| 2024-02-02 | CVE-2023-47144 | Unspecified vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to cross-site scripting. | 6.1 |
| 2024-02-02 | CVE-2023-47148 | Unspecified vulnerability in IBM Spectrum Protect Plus IBM Storage Protect Plus Server 10.1.0 through 10.1.15.2 Admin Console could allow a remote attacker to obtain sensitive information due to improper validation of unsecured endpoints which could be used in further attacks against the system. | 7.5 |
| 2024-02-02 | CVE-2022-40744 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.6 is vulnerable to stored cross-site scripting. | 5.4 |
| 2024-02-02 | CVE-2023-38019 | Unspecified vulnerability in IBM Soar Qradar Plugin APP 1.0 IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow a remote attacker to traverse directories on the system. | 6.5 |
| 2024-02-02 | CVE-2023-38020 | Unspecified vulnerability in IBM Soar Qradar Plugin APP 1.0 IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. | 4.3 |
| 2024-02-02 | CVE-2023-38263 | Unspecified vulnerability in IBM Soar Qradar Plugin APP 1.0 IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to perform unauthorized actions due to improper access controls. | 8.8 |
| 2024-02-02 | CVE-2023-46159 | Unspecified vulnerability in IBM Storage Ceph 5.3Z1/5.3Z5/6.1Z1 IBM Storage Ceph 5.3z1, 5.3z5, and 6.1z1 could allow an authenticated user on the network to cause a denial of service from RGW. | 6.5 |