Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-26 | CVE-2021-29801 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to gain root privileges. | 7.8 |
| 2021-08-23 | CVE-2021-29704 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0/38.2 IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-08-23 | CVE-2021-29802 | Improper Privilege Management vulnerability in IBM Resilient Security Orchestration Automation and Response IBM Security SOAR performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. | 7.5 |
| 2021-08-11 | CVE-2021-20427 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Guardium 11.2 IBM Security Guardium 11.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
| 2021-08-04 | CVE-2021-29765 | Unspecified vulnerability in IBM Powervm Fw940/Fw950 IBM PowerVM Hypervisor FW940 and FW950 could allow an attacker to obtain sensitive information if they gain service access to the FSP. | 7.5 |
| 2021-08-02 | CVE-2021-29696 | Unspecified vulnerability in IBM Cloud PAK for Security IBM Cloud Pak for Security (CP4S) 1.5.0.0, 1.5.1.0, 1.6.0.0, 1.6.1.0, 1.7.0.0, and 1.7.1.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. | 7.2 |
| 2021-08-02 | CVE-2021-29757 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Qradar User Behavior Analytics 4.1.1 IBM QRadar User Behavior Analytics 4.1.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2021-08-02 | CVE-2021-29741 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell (ksh) to gain root privileges. | 7.8 |
| 2021-07-30 | CVE-2021-29736 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. | 8.8 |
| 2021-07-26 | CVE-2021-20337 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |