Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-30 | CVE-2021-38941 | Unspecified vulnerability in IBM Cloud PAK for Multicloud Management Monitoring 2.0.0/2.3.0 IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. | 8.1 |
| 2022-06-30 | CVE-2022-22472 | Improper Preservation of Permissions vulnerability in IBM Spectrum Protect Plus Container Backup and Restore 10.1.10.2/10.1.5/10.1.7 IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. | 8.8 |
| 2022-06-30 | CVE-2022-22474 | Unspecified vulnerability in IBM Spectrum Protect Client IBM Spectrum Protect 8.1.0.0 through 8.1.14.0 dsmcad, dsmc, and dsmcsvc processes incorrectly handle certain read operations on TCP/IP sockets. | 7.5 |
| 2022-06-24 | CVE-2022-22390 | Improper Privilege Management vulnerability in IBM DB2 IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. | 7.5 |
| 2022-06-10 | CVE-2022-22479 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Spectrum Copy Data Management IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-06-07 | CVE-2020-36529 | Command Injection vulnerability in IBM Sevone Network Performance Management A vulnerability classified as critical has been found in SevOne Network Management System up to 5.7.2.22. | 8.8 |
| 2022-06-07 | CVE-2020-36530 | SQL Injection vulnerability in IBM Sevone Network Performance Management A vulnerability classified as critical was found in SevOne Network Management System up to 5.7.2.22. | 8.8 |
| 2022-06-07 | CVE-2020-36531 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Sevone Network Performance Management A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. | 8.8 |
| 2022-06-06 | CVE-2022-22396 | Insufficiently Protected Credentials vulnerability in IBM Spectrum Protect Plus Credentials are printed in clear text in the IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.3 virgo log file in certain cases. | 7.5 |
| 2022-05-24 | CVE-2022-22497 | Unspecified vulnerability in IBM Aspera Faspex 4.4.1/5.0.0 IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. | 7.5 |