Vulnerabilities > IBM > Partner Engagement Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-07-19 CVE-2022-22359 Cross-Site Request Forgery (CSRF) vulnerability in IBM products
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
6.5
6.5
2022-07-19 CVE-2022-22416 Server-Side Request Forgery (SSRF) vulnerability in IBM products
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
5.4
2022-07-19 CVE-2022-22417 Cross-site Scripting vulnerability in IBM products
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2022-04-01 CVE-2022-22328 Unspecified vulnerability in IBM Partner Engagement Manager 6.2.0
IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their privileges and perform unintended operations to another users data.
local
low complexity
ibm
6.2
6.2