Vulnerabilities > IBM > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-10 CVE-2022-35715 Information Exposure Through an Error Message vulnerability in IBM InfoSphere Information Server 11.7
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace.
network
low complexity
ibm CWE-209
7.5
2022-08-01 CVE-2022-34161 Cross-Site Request Forgery (CSRF) vulnerability in IBM CICS TX 11.1
IBM CICS TX 11.1 is vulnerable to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2022-08-01 CVE-2022-22505 Unspecified vulnerability in IBM Robotic Process Automation
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed.
network
low complexity
ibm
7.5
2022-08-01 CVE-2022-30616 Unspecified vulnerability in IBM Robotic Process Automation
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to elevate their privilege to platform administrator through manipulation of APIs.
network
low complexity
ibm
7.2
2022-08-01 CVE-2022-31776 Server-Side Request Forgery (SSRF) vulnerability in IBM DataPower Gateway
IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
8.8
2022-07-28 CVE-2021-39088 Unspecified vulnerability in IBM QRadar Security Information and Event Manager
IBM QRadar SIEM 7.3, 7.4, and 7.5 is vulnerable to local privilege escalation; if this could be combined with other unknown vulnerabilities, then privilege escalation could be performed.
local
low complexity
ibm
7.8
2022-07-26 CVE-2022-35286 Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Verify Information Queue 10.0.2
IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2022-07-26 CVE-2022-35639 Unspecified vulnerability in IBM products
IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection, which could cause the server to become unresponsive.
network
low complexity
ibm
7.5
2022-07-25 CVE-2022-35284 Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Security Verify Information Queue 10.0.2
IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie.
network
low complexity
ibm CWE-565
7.5
2022-07-25 CVE-2022-35285 Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Verify Information Queue 10.0.2
IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8