Vulnerabilities > IBM > Resilient Security Orchestration Automation AND Response > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-23 | CVE-2021-29704 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0/38.2 IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-08-23 | CVE-2021-29802 | Improper Privilege Management vulnerability in IBM Resilient Security Orchestration Automation and Response IBM Security SOAR performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.5 |
| 2021-06-16 | CVE-2021-20566 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2020-12-11 | CVE-2020-4633 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0 IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation. | 8.8 |
| 2020-10-16 | CVE-2020-4636 | Command Injection vulnerability in IBM Resilient Security Orchestration Automation and Response 38.2 IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting. | 7.2 |