Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-07 | CVE-2023-43017 | Improper Certificate Validation vulnerability in IBM Security Verify Access IBM Security Verify Access 10.0.0.0 through 10.0.6.1 could allow a privileged user to install a configuration file that could allow remote access. | 7.2 |
| 2024-02-07 | CVE-2023-47700 | Improper Certificate Validation vulnerability in IBM Storage Virtualize 8.6 IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.6 products could allow a remote attacker to spoof a trusted system that would not be correctly validated by the Storwize server. | 7.5 |
| 2024-02-06 | CVE-2024-22331 | Information Exposure vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy (UCD) - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. | 5.5 |
| 2024-02-06 | CVE-2023-46183 | Unspecified vulnerability in IBM Powervm Hypervisor IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could allow a system administrator to obtain sensitive partition information. | 4.4 |
| 2024-02-04 | CVE-2023-33851 | Unspecified vulnerability in IBM Powervm Hypervisor IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. | 4.9 |
| 2024-02-04 | CVE-2023-50947 | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. | 5.4 |
| 2024-02-03 | CVE-2023-30999 | Resource Exhaustion vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow an attacker to cause a denial of service due to uncontrolled resource consumption. | 7.5 |
| 2024-02-03 | CVE-2023-31004 | Man-in-the-Middle vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a remote attacker to gain access to the underlying system using man in the middle techniques. | 9.0 |
| 2024-02-03 | CVE-2023-31005 | Improper Privilege Management vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a local user to escalate their privileges due to an improper security configuration. | 7.8 |
| 2024-02-03 | CVE-2023-31006 | Unspecified vulnerability in IBM products IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) is vulnerable to a denial of service attacks on the DSC server. | 7.5 |