Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2022-11-16 CVE-2022-34354 Insecure Storage of Sensitive Information vulnerability in IBM Partner Engagement Manager 6.1.2/6.2.0/6.2.1
IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2022-11-14 CVE-2022-34314 Incorrect Permission Assignment for Critical Resource vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission settings.
local
low complexity
ibm CWE-732
3.3
2022-11-14 CVE-2022-34312 Insecure Storage of Sensitive Information vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2022-11-14 CVE-2022-34313 Unspecified vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies.
network
high complexity
ibm
3.1
2022-11-03 CVE-2022-42442 Exposure of Resource to Wrong Sphere vulnerability in IBM Robotic Process Automation for Cloud PAK
"IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is vulnerable to exposure of the first tenant owner e-mail address to users with access to the container platform.
local
low complexity
ibm CWE-668
3.3
2022-07-11 CVE-2020-4138 Unspecified vulnerability in IBM Security Siteprotector System 3.1.1
IBM SiteProtector Appliance 3.1.1 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm
2.1
2022-07-08 CVE-2022-22370 Cross-site Scripting vulnerability in IBM Security Verify Access
IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2022-07-08 CVE-2022-34166 Cross-site Scripting vulnerability in IBM Cics TX 11.1
IBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
2022-07-08 CVE-2022-34167 Cross-site Scripting vulnerability in IBM Cics TX 11.1
IBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting.
network
ibm CWE-79
3.5
2022-07-01 CVE-2022-22366 Cleartext Storage of Sensitive Information vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 stores user credentials in plain clear text which can be read by a local user.
local
low complexity
ibm CWE-312
2.1