Vulnerabilities > IBM > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-04 | CVE-2021-20350 | Cross-site Scripting vulnerability in IBM products IBM Engineering products are vulnerable to cross-site scripting. | 3.5 |
| 2021-03-04 | CVE-2021-20351 | Cross-site Scripting vulnerability in IBM products IBM Engineering products are vulnerable to cross-site scripting. | 3.5 |
| 2021-03-02 | CVE-2020-4725 | Unspecified vulnerability in IBM Cloud Application Performance Management 8.1.4 IBM Monitoring (IBM Cloud APM 8.1.4 ) could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. network ibm | 3.5 |
| 2021-03-02 | CVE-2020-4726 | Insecure Storage of Sensitive Information vulnerability in IBM Cloud Application Performance Management 8.1.4 The IBM Application Performance Monitoring UI (IBM Cloud APM 8.1.4) allows web pages to be stored locally which can be read by another user on the system. | 2.1 |
| 2021-02-18 | CVE-2020-4933 | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. | 3.5 |
| 2021-02-18 | CVE-2021-20446 | Cross-site Scripting vulnerability in IBM Maximo for Civil Infrastructure 7.6.2 IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. | 3.5 |
| 2021-02-15 | CVE-2020-4956 | Resource Exhaustion vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 7.1 and 8.1 is vulnerable to a denial of service, caused by a RPC that allows certain cache values to be set and dumped to a file. | 2.3 |
| 2021-02-12 | CVE-2021-20408 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Verify Information Queue 1.0.6/1.0.7 IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage of a plaintext cryptographic key. | 2.1 |
| 2021-02-12 | CVE-2021-20410 | Insufficiently Protected Credentials vulnerability in IBM Security Verify Information Queue 1.0.6/1.0.7 IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text which can be read by an authenticated user using man in the middle techniques. | 3.5 |
| 2021-02-11 | CVE-2020-4768 | Cross-site Scripting vulnerability in IBM Business Automation Workflow and Case Manager IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. | 3.5 |