Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-31 | CVE-2022-43831 | Unspecified vulnerability in IBM Spectrum Scale Container Native Storage Access 5.1.2.1/5.1.4.1/5.1.6.0 IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.6.1 could allow a local user to obtain escalated privileges on a host without proper security context settings configured. | 7.8 |
| 2023-07-31 | CVE-2023-35019 | OS Command Injection vulnerability in IBM Security Verify Governance 10.0 IBM Security Verify Governance, Identity Manager 10.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 8.8 |
| 2023-07-19 | CVE-2022-43910 | Improper Preservation of Permissions vulnerability in IBM Security Guardium 11.3 IBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. | 7.8 |
| 2023-07-19 | CVE-2021-38933 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Sterling Connect:Express for Unix 1.5.0 IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2023-07-19 | CVE-2023-26023 | Information Exposure Through Log Files vulnerability in IBM Cloud PAK for Data 4.0 Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. | 7.5 |
| 2023-07-19 | CVE-2023-26026 | Information Exposure Through Log Files vulnerability in IBM Cloud PAK for Data 4.0 Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. | 7.5 |
| 2023-07-19 | CVE-2023-27877 | Improper Authentication vulnerability in IBM Cloud PAK for Data 4.0 IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. | 7.5 |
| 2023-07-19 | CVE-2023-28513 | Unspecified vulnerability in IBM MQ and MQ Appliance IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. | 7.5 |
| 2023-07-16 | CVE-2023-30988 | Unspecified vulnerability in IBM I The IBM i 7.2, 7.3, 7.4, and 7.5 product Facsimile Support for i contains a local privilege escalation vulnerability. | 7.8 |
| 2023-07-16 | CVE-2023-30989 | Unspecified vulnerability in IBM I IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability. | 7.8 |