Vulnerabilities > IBM > Low

DATE CVE VULNERABILITY TITLE RISK
2019-04-25 CVE-2019-4146 Unspecified vulnerability in IBM Sterling B2B Integrator 6.0.0.0/6.0.0.1
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to obtain sensitive document information under unusual circumstances.
network
high complexity
ibm
3.1
2019-04-02 CVE-2018-1623 Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.1.1
IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-200
3.3
2019-02-04 CVE-2018-1962 Session Fixation vulnerability in IBM Security Identity Manager
IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the logout button is pressed.
local
low complexity
ibm CWE-384
3.3
2019-01-08 CVE-2018-1993 Information Exposure vulnerability in IBM Spectrum Scale
IBM Spectrum Scale (GPFS) 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 where the use of Local Read Only Cache (LROC) is enabled may caused read operation on a file to return data from a different file.
local
low complexity
ibm CWE-200
3.3
2018-12-13 CVE-2018-1804 Session Fixation vulnerability in IBM Security Access Manager
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not set the secure attribute on authorization tokens or session cookies.
network
high complexity
ibm CWE-384
3.7
2018-12-12 CVE-2018-1484 Session Fixation vulnerability in IBM Bigfix Platform
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute on authorization tokens or session cookies.
network
high complexity
ibm CWE-384
3.7
2018-12-06 CVE-2018-1505 Information Exposure vulnerability in IBM I2 Enterprise Insight Analysis 2.1.7/2.1.8
IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-200
3.3
2018-12-05 CVE-2018-1568 Information Exposure vulnerability in IBM Qradar Incident Forensics
IBM QRadar SIEM 7.2 and 7.3 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-200
3.3
2018-11-09 CVE-2016-9749 Improper Input Validation vulnerability in IBM Campaign
IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation.
local
low complexity
ibm CWE-20
3.3
2018-11-09 CVE-2018-1842 Improper Verification of Cryptographic Signature vulnerability in multiple products
IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token.
local
high complexity
ibm netapp CWE-347
3.6