Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-15 | CVE-2023-26284 | Unspecified vulnerability in IBM MQ Certified Container IBM MQ Certified Container 9.3.0.1 through 9.3.0.3 and 9.3.1.0 through 9.3.1.1 could allow authenticated users with the cluster to be granted administration access to the MQ console due to improper access controls. | 8.8 |
| 2023-03-10 | CVE-2020-5002 | Improper Input Validation vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager 3.2.0 through 3.2.10 could allow an authenticated user to perform unauthorized actions due to improper validation. | 8.8 |
| 2023-03-10 | CVE-2022-43902 | Unspecified vulnerability in IBM MQ Appliance IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS is vulnerable to a denial of service attack caused by specially crafted PCF or MQSC messages. | 7.5 |
| 2023-03-01 | CVE-2020-5001 | Path Traversal vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager 3.2.0 through 3.2.7 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2023-03-01 | CVE-2020-5026 | Unspecified vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
| 2023-03-01 | CVE-2023-26281 | Unspecified vulnerability in IBM Http Server 8.5.0.0 IBM HTTP Server 8.5 used by IBM WebSphere Application Server could allow a remote user to cause a denial of service using a specially crafted URL. | 7.5 |
| 2023-02-27 | CVE-2022-40237 | Unspecified vulnerability in IBM MQ for HPE Nonstop 8.1.0 IBM MQ for HPE NonStop 8.1.0 is vulnerable to a denial of service attack due to an error within the CCDT and channel synchronization logic. | 7.5 |
| 2023-02-22 | CVE-2022-43873 | Unspecified vulnerability in IBM Spectrum Virtualize An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 8.2, 8.3, 8.4, and 8.5 GUI to execute code and escalate their privilege on the system. | 8.8 |
| 2023-02-17 | CVE-2022-34351 | Cleartext Storage of Sensitive Information vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.4 and 7.5 is vulnerable to information exposure allowing a non-tenant user with a specific domain security profile assigned to see some data from other domains. | 7.5 |
| 2023-02-17 | CVE-2022-40231 | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. | 8.8 |