Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2024-03-15 CVE-2023-46181 Information Exposure Through Browser Caching vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-525
3.3
2023-08-31 CVE-2023-33833 Missing Encryption of Sensitive Data vulnerability in IBM Security Verify Information Queue 10.0.4/10.0.5
IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-311
3.3
2023-06-08 CVE-2023-33847 Unspecified vulnerability in IBM Cics TX and Txseries for Multiplatform
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure attribute on authorization tokens or session cookies.
network
high complexity
ibm
3.1
2023-06-07 CVE-2023-33849 Missing Encryption of Sensitive Data vulnerability in IBM Cics TX and Txseries for Multiplatforms
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques.
network
high complexity
ibm CWE-311
3.7
2023-03-15 CVE-2023-22591 Insufficient Session Expiration vulnerability in IBM products
IBM Robotic Process Automation 21.0.1 through 21.0.7 and 23.0.0 through 23.0.1 could allow a user with physical access to the system due to session tokens for not being invalidated after a password reset.
low complexity
ibm CWE-613
3.2
2023-03-15 CVE-2020-4556 Unspecified vulnerability in IBM Financial Transaction Manager
IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm
3.3
2023-02-12 CVE-2022-42436 Unspecified vulnerability in IBM MQ
IBM MQ 8.0.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0 Managed File Transfer could allow a local user to obtain sensitive information from diagnostic files.
local
low complexity
ibm
3.3
2023-02-01 CVE-2023-23469 Unspecified vulnerability in IBM Cloud PAK for Business Automation
IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm
3.3
2022-11-16 CVE-2022-34354 Insecure Storage of Sensitive Information vulnerability in IBM Partner Engagement Manager 6.1.2/6.2.0/6.2.1
IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2022-11-14 CVE-2022-34314 Incorrect Permission Assignment for Critical Resource vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings.
local
low complexity
ibm CWE-732
3.3