Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-16 | CVE-2023-27875 | Unspecified vulnerability in IBM Aspera Faspex 5.0.4 IBM Aspera Faspex 5.0.4 could allow a user to change other user's credentials due to improper access controls. | 7.5 |
| 2023-03-15 | CVE-2023-22591 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset. low complexity ibm | 3.2 |
| 2023-03-15 | CVE-2022-46773 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. | 6.5 |
| 2023-03-15 | CVE-2023-25680 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 21.0.1 through 21.0.5 is vulnerable to insufficiently protecting credentials. | 6.5 |
| 2023-03-15 | CVE-2020-4556 | Unspecified vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2023-03-15 | CVE-2020-4927 | Unspecified vulnerability in IBM Spectrum Scale A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. | 8.2 |
| 2023-03-15 | CVE-2022-46774 | Incorrect Default Permissions vulnerability in IBM Manage Application 8.4.0/8.5.0 IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to incorrect default permissions which could give access to a user to actions that they should not have access to. | 6.5 |
| 2023-03-15 | CVE-2023-22876 | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.1 could allow a privileged user to obtain sensitive information that could aid in further attacks against the system. | 6.5 |
| 2023-03-15 | CVE-2022-43874 | Cross-site Scripting vulnerability in IBM APP Connect Enterprise Certified Container IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting. | 6.1 |
| 2023-03-15 | CVE-2023-26284 | Unspecified vulnerability in IBM MQ Certified Container IBM MQ Certified Container 9.3.0.1 through 9.3.0.3 and 9.3.1.0 through 9.3.1.1 could allow authenticated users with the cluster to be granted administration access to the MQ console due to improper access controls. | 8.8 |