Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-31 | CVE-2023-33833 | Missing Encryption of Sensitive Data vulnerability in IBM Security Verify Information Queue 10.0.4/10.0.5 IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. | 3.3 |
| 2023-06-08 | CVE-2023-33847 | Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatform IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure attribute on authorization tokens or session cookies. | 3.1 |
| 2023-06-07 | CVE-2023-33849 | Missing Encryption of Sensitive Data vulnerability in IBM Cics TX and Txseries for Multiplatforms IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. | 3.7 |
| 2023-03-15 | CVE-2023-22591 | Insufficient Session Expiration vulnerability in IBM products IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset. | 3.2 |
| 2023-03-15 | CVE-2020-4556 | Unspecified vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2023-02-12 | CVE-2022-42436 | Unspecified vulnerability in IBM MQ IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files. | 3.3 |
| 2023-02-01 | CVE-2023-23469 | Unspecified vulnerability in IBM Cloud PAK for Business Automation IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-11-16 | CVE-2022-34354 | Insecure Storage of Sensitive Information vulnerability in IBM Partner Engagement Manager 6.1.2/6.2.0/6.2.1 IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-11-14 | CVE-2022-34314 | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings. | 3.3 |
| 2022-11-14 | CVE-2022-34312 | Insecure Storage of Sensitive Information vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |