Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-30 | CVE-2019-4112 | Improper Privilege Management vulnerability in IBM Websphere Extreme Scale IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2019-09-17 | CVE-2019-4171 | Missing Encryption of Sensitive Data vulnerability in IBM Cognos Controller IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on authorization tokens or session cookies. | 3.7 |
| 2019-09-17 | CVE-2019-4271 | Improper Input Validation vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client-side HTTP parameter pollution vulnerability. | 3.5 |
| 2019-08-29 | CVE-2019-4132 | Unspecified vulnerability in IBM Cloud Automation Manager 3.1.2 IBM Cloud Automation Manager 3.1.2 could allow a user to be impropertly redirected and obtain sensitive information rather than receive a 404 error message. | 3.3 |
| 2019-07-17 | CVE-2019-4054 | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.2 and 7.3 could allow a local user to obtain sensitive information when exporting content that could aid an attacker in further attacks against the system. | 3.3 |
| 2019-07-01 | CVE-2019-4296 | Information Exposure Through Log Files vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0.0.0/11.0.0.1/11.0.0.2 IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a local user to obtain e-mail contents from the client debug log file. | 3.3 |
| 2019-06-25 | CVE-2019-4150 | Improper Certificate Validation vulnerability in IBM Security Access Manager IBM Security Access Manager 9.0.1 through 9.0.6 does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. | 3.7 |
| 2019-06-17 | CVE-2019-4174 | Improper Privilege Management vulnerability in IBM Cognos Controller IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2019-06-17 | CVE-2019-4177 | Improper Privilege Management vulnerability in IBM Cognos Controller IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2019-06-06 | CVE-2019-4161 | Unspecified vulnerability in IBM Security Information Queue 1.0.0/1.0.1/1.0.2 IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 discloses sensitive information to unauthorized users. | 3.3 |