Vulnerabilities > IBM
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-17 | CVE-2023-22875 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager 7.4.0/7.5.0 IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. | 7.5 |
| 2023-01-11 | CVE-2022-34335 | Resource Exhaustion vulnerability in IBM Sterling Partner Engagement Manager 6.1.2/6.2.0/6.2.1 IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.1 could allow an authenticated user to exhaust server resources which could lead to a denial of service. | 6.5 |
| 2023-01-11 | CVE-2022-40615 | Unspecified vulnerability in IBM Sterling Partner Engagement Manager 6.1.2/6.2.0/6.2.1 IBM Sterling Partner Engagement Manager 6.1, 6.2, and 6.2.1 is vulnerable to SQL injection. | 9.8 |
| 2023-01-09 | CVE-2022-22470 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Governance 10.0 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
| 2023-01-09 | CVE-2022-35281 | Unspecified vulnerability in IBM Maximo Application Suite and Maximo Asset Management IBM Maximo Asset Management 7.6.1.1, 7.6.1.2, 7.6.1.3 and the IBM Maximo Manage 8.3, 8.4 application in IBM Maximo Application Suite are vulnerable to CSV injection. | 8.8 |
| 2023-01-05 | CVE-2022-41740 | Cleartext Storage of Sensitive Information vulnerability in IBM products IBM Robotic Process Automation 20.12 through 21.0.6 could allow an attacker with physical access to the system to obtain highly sensitive information from system memory. | 4.6 |
| 2023-01-05 | CVE-2022-43573 | Unspecified vulnerability in IBM products IBM Robotic Process Automation 20.12 through 21.0.6 is vulnerable to exposure of the name and email for the creator/modifier of platform level objects. | 5.3 |
| 2023-01-05 | CVE-2022-43844 | Unspecified vulnerability in IBM Robotic Process Automation for Cloud PAK IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access control. | 8.8 |
| 2023-01-05 | CVE-2022-22371 | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. | 6.5 |
| 2023-01-05 | CVE-2022-34330 | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. | 6.1 |