Vulnerabilities > IBM > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-20 | CVE-2023-47704 | Use of Hard-coded Credentials vulnerability in IBM Security Guardium KEY Lifecycle Manager 4.2.0 IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. | 7.5 |
| 2023-12-20 | CVE-2023-47706 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Guardium KEY Lifecycle Manager 4.2.0 IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to upload files of a dangerous file type. | 8.8 |
| 2023-12-18 | CVE-2023-46177 | Path Traversal vulnerability in IBM MQ Appliance 9.3.0.0 IBM MQ Appliance 9.3 LTS and 9.3 CD could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2023-12-14 | CVE-2023-45185 | Incorrect Authorization vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to execute remote code. | 8.8 |
| 2023-12-14 | CVE-2023-45184 | Insecure Storage of Sensitive Information vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to obtain a decryption key due to improper authority checks. | 7.5 |
| 2023-12-14 | CVE-2022-43843 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale 5.1.5.0/5.1.5.1 IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2023-12-14 | CVE-2023-43042 | Unspecified vulnerability in IBM Storage Virtualize 8.3 IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.3 products use default passwords for a privileged user. | 7.5 |
| 2023-12-13 | CVE-2023-45166 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piodmgrsu command to obtain elevated privileges. | 7.8 |
| 2023-12-13 | CVE-2023-45170 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piobe command to escalate privileges or cause a denial of service. | 7.8 |
| 2023-12-13 | CVE-2023-45174 | Unspecified vulnerability in IBM AIX and Vios IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges or cause a denial of service. | 7.8 |